Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Public Summary Report: South Carolina Did Not Meet Federal Information System Security Requirements for Safeguarding Medicaid Management Information System Data and Supporting Systems

Issued on  | Posted on  | Report number: A-04-13-05049

Report Materials

South Carolina (the State) did not safeguard Medicaid Management Information System (MMIS) data and supporting systems in accordance with Federal requirements. Specifically, the State had not implemented an adequate risk management process that included contractor oversight, established a security plan for the MMIS, implemented media protection for laptop computers, met Federal requirements for the security of software and data, adequately addressed vulnerabilities on network devices or Web sites, or implemented adequate security awareness and role-based training programs. These weaknesses occurred because the State had not established priorities or allocated the resources necessary to secure Medicaid systems and information.

We recommended that the State establish priorities and allocate the resources necessary to implement our detailed recommendations for improving the controls necessary to safeguard its Medicaid information and systems The State concurred with all our recommendations and described actions that it had taken or planned to take to implement them.


-
-
-