Penetration Tests of State Medicaid Management Information Systems and Eligibility & Enrollment Systems
State Medicaid agencies use the Medicaid Management Information System (MMIS) for administrating the Medicaid program; processing beneficiary and provider inquiries and services; operating claims control and computer capabilities; and managing reporting for planning and control. State Medicaid Eligibility & Enrollment (E&E) systems support processes related to a determination of Medicaid coverage and required procedures necessary for registration. State agencies are responsible for the security of MMIS and E&E systems. HHS OIG will perform a series of penetration tests in select State MMIS or Medicaid E&E environments to identify cybersecurity vulnerabilities on high-risk information systems and networks.
Announced or Revised | Agency | Title | Component | Report Number(s) | Expected Issue Date (FY) |
---|---|---|---|---|---|
Completed (partial) | Centers for Medicare and Medicaid Services | Penetration Tests of State Medicaid Management Information Systems and Eligibility & Enrollment Systems | Office of Audit Services | W-00-20-42028; W-00-21-42028; A-18-20-08005; A-18-20-08004; A-18-20-08003; A-18-21-09003; A-18-21-09004; A-18-21-09001; A-18-22-09005; A-18-22-09010 |
2025 |