Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

A Small Southeastern Hospital Had Effective Cybersecurity Controls To Prevent, Detect, and Respond To Cyberattacks

Issued on  | Posted on  | Report number: OAS-25-18-033

Why OIG Did This Audit

  • The health care sector’s growing reliance on information technology for patient care, telemedicine, and records has heightened vulnerability to cyberattacks. HHS plays an important role in guiding and supporting the adoption of cybersecurity measures to protect sensitive patient data and health care delivery from cyberattacks.
  • This audit examined whether a small hospital in the southeast United States (the Entity) had implemented cybersecurity controls to prevent, detect, and respond to cyberattacks.

What OIG Found

The Entity implemented effective cybersecurity controls to prevent, detect, and respond to cyberattacks, including our simulated cyberattacks. The controls included a custom system designed to block unusual or suspicious activity. The Entity detected and flagged our testing as suspicious, indicating operational monitoring and responsiveness to potential threats.

What OIG Recommends

This report does not contain recommendations.