The Social Security Act requires that each Medicare administrative contractor (MAC) have its information security program evaluated annually by an independent entity. The Centers for Medicare & Medicaid Services (CMS) contracted with Guidehouse, LLP (Guidehouse), to evaluate information security programs at the MACs, using a set of agreed-upon procedures (AUPs). HHS OIG must submit to Congress annual reports on the results of these evaluations, to include assessments of their scope and sufficiency. This report fulfills that responsibility for fiscal year 2018.
Friday, August 23, 2019
Agency Reviewed / Investigated:
Submitting OIG-Specific Report Number:
Component, if applicable:
Centers for Medicare & Medicaid Services
Type of Report: