GAO: Federal CIOs don't have enough authority

CIOs at federal government agencies--including the U.S. Department of Health & Human Services and Department of Veterans Affairs--don't have enough authority, particularly when it comes to spending, according to a recently published report by the Government Accountability Office.

"The high level-survey responses regarding CIO authority at agencies indicate that several CIOs still do not exercise the authority needed to review and approve the entire IT portfolio, consistent with [Office of Management and Budget] guidance," the report states. "Although OMB has issued guidance and required agencies to report on actions taken to implement it, this has not been sufficient to ensure that agency [chief operating officers] address the issue of CIO authority at their respective agencies."

The report adds that such insufficient guidance hinders the ability of agencies to address various responsibilities.

At HHS, the report states, despite a formal memo in place that outlines the CIO's authority, the CIO has "limited influence and ability to recommend changes" to the overall IT portfolio.

The report comes on the heels of the much maligned rollout of as part of the Affordable Care Act, which was overseen by the Centers for Medicare & Medicaid Services. CMS CIO Tony Trenkle, who was one of several officials in charge of the project, announced last week that he was resigning, effective Nov. 15, to take a job in the private sector.

Meanwhile, CMS Deputy CIO Henry Chao, The Hill reports, was kept in the dark about's potential security issues. Chao recently testified to the House Oversight Committee that he had not been included on a memo about such flaws, although he was involved in development of safeguards for protecting patient privacy for the data hub that data hub that connects state health insurance exchanges created under the Affordable Care Act with federal agencies.

"I'm surprised," Chao said in his testimony. "And I probably--with that knowledge, I would have at least acknowledged what those findings were in the risk assessment." Chao added, however, that lines of communications between agencies involved in the rollout and contractors charged with working on the site may not have been working appropriately.

To learn more:
- here's the GAO report (.pdf)
- read the article from The Hill

Suggested Articles

The Office for Civil Rights is ramping up its focus on the Right of Access Initiative, which ensures patients timely access to their medical records.

Mount Sinai is launching a diversity and inclusion hub to serve as an incubator for new technology and to help diversify the pipeline in innovation.

CVS Health is joining forces with UPS to test several different applications for drone delivery, including sending products directly to patients.