The HHS Office of Inspector General's updated work plan includes an evaluation of the department's response to cybersecurity threats.
OIG will audit whether the Department of Health and Human Services "sufficiently implemented incident response capabilities to safeguard the Department's information technology systems and data," it announced, as increased threats have made it crucial for government agencies to improve their cybersecurity efforts.
"Incidents involving cybersecurity and privacy threats, such as malware, malicious user activity, and vulnerabilities associated with highly interconnected technology require a skilled and rapid response to reduce their likelihood and to reduce or mitigate loss or destruction of data, loss of funds, loss of productivity, and damage to the agency's reputation," the OIG said.
The results will be published sometime in 2018, according to the summary.
Two key elements of the 2017 work plan include continued scrutiny of electronic health records, encompassing issues like interoperability and security, and rising drug prices. When the OIG released its work plan last fall, it left the door open to add more investigations to the plan throughout the year.
Multiple high-profile and far-reaching cyberattacks have put the industry's preparedness in the spotlight over the past several months. The WannaCry ransomware shut down the United Kingdom's National Health Service hospitals, and experts suggested that healthcare's cyber vulnerabilities could make the next attack even more dangerous for patient data.