The Pentagon inspector general on Thursday announced plans to audit, starting this month, the security of Army digital patient files.
The probe comes at a time when government and private hospitals are up against employees who inadvertently compromise health care records and bad guys who extort money in exchange for leaving health data unharmed, among other computer threats.
“Our objective is to determine whether the Army designed and implemented effective security protocols to protect electronic health records and individually identifiable health information from unauthorized access and disclosure,” Carol Gorman, assistant inspector general for readiness and cyber operations, said in a memo.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
This inspection will be the first in a series of reviews of controls meant to protect military electronic patient records and personal health information, she says.
Computer systems will be reviewed at the U.S. Army Medical Command; the enhanced Multi-Service Market led by the Army in the Puget Sound region; the Army medical center at Joint Base Lewis-McChord, Washington; and one Army hospital and clinic each at Fort Carson, Colorado.
During the audit, examiners may identify other locations they want to review, Gorman said.
Military health care IT is a high-risk, high-reward industry in a field where lives are at stake, according to recent developments.
The Pentagon last summer awarded Leidos and partners a $9 billion contract to build a next-generation electronic health records system. The setup was expected to be running at initial operating capability by December, but the DOD inspector general this spring signaled the system might miss that deadline.
More recently, on July 14, the Defense Health Agency awarded EHR Total Solutions a potential $70 million contract for workflow assistance at military treatment facilities that use “tri-service” electronic health record systems. The five-year deal …