Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it's official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Public Summary Report: South Carolina Did Not Meet Federal Information System Security Requirements for Safeguarding Medicaid Management Information System Data and Supporting Systems

South Carolina (the State) did not safeguard Medicaid Management Information System (MMIS) data and supporting systems in accordance with Federal requirements. Specifically, the State had not implemented an adequate risk management process that included contractor oversight, established a security plan for the MMIS, implemented media protection for laptop computers, met Federal requirements for the security of software and data, adequately addressed vulnerabilities on network devices or Web sites, or implemented adequate security awareness and role-based training programs. These weaknesses occurred because the State had not established priorities or allocated the resources necessary to secure Medicaid systems and information.

We recommended that the State establish priorities and allocate the resources necessary to implement our detailed recommendations for improving the controls necessary to safeguard its Medicaid information and systems The State concurred with all our recommendations and described actions that it had taken or planned to take to implement them.

Filed under: Center for Medicare and Medicaid Services