Maryland Did Not Adequately Secure Its Medicaid Data and Information Systems

HHS oversees States’ use of various Federal programs, including Medicaid. State agencies are required to establish appropriate computer system security requirements and conduct biennial reviews of computer system security used in the administration of State plans for Medicaid and other Federal entitlement benefits (45 CFR § 95.621). This review is one of a number of HHS, Office of Inspector General, reviews of States’ computer systems used to administer HHS-funded programs.