DoD Inspector General Plans Security Audit of Army’s EHR System | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

DoD Inspector General Plans Security Audit of Army’s EHR System

August 8, 2016
by Heather Landi
| Reprints

The Department of Defense Inspector General plans to investigate the cybersecurity of the military’s electronic health records and individually identifiable health information, according to a DoD memo.

The audit is slated to begin this month and will be performed at the U.S. Army Medical Command, the enhanced Multi-Serve Market led by the Army in Puget Sound Region in Washington, the Army medical center at Joint Base Lewis-McChord, Washington and one Army hospital and clinical each at Fort Carson, Colorado.

“Our objective is to determine whether the Army designed and implemented effective security protocols to protect electronic health records and individually identifiable health information from unauthorized access and disclosure,” Carol Gorman, assistant inspector general, readiness and cyber operations, at the DoD IG’s office wrote in the memo.

Gorman also wrote that the audits starting in August are the first in a series of audits of military department security protocols over electronic health records and individually identifiable health information. “We will consider suggestions from management on additional or revised objectives,” Gorman wrote.

Gorman also wrote that the DoD IG may identify additional locations during the audit.

As previously reported by Healthcare Informatics, Defense Department plans to roll out its $9 billion modernized EHR system by the end of this year, however, a DoD IG audit report released in June stated that the timeline “may not be realistic.”

In that audit report, the DoD Inspector General cautioned about potential delays involved with developing and testing the interfaces needed to interact with legacy systems and ensuring the new EHR system is secure against cyber attacks.

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Former Health IT Head in San Diego County Charged with Defrauding Provider out of $800K

The ex-health IT director at North County Health Services, a San Diego County-based healthcare service provider, has been charged with spearheading fraudulent operations that cost the organization $800,000.

Allscripts Touts 1 Billion API Shares in 2017

Officials from Chicago-based health IT vendor Allscripts have attested that the company has reached a new milestone— one billion application programming interface (API) data exchange transactions in 2017.

Dignity Health, CHI Merging to Form New Catholic Health System

Catholic Health Initiatives (CHI), based in Englewood, Colorado, and San Francisco-based Dignity Health officially announced they are merging and have signed a definitive agreement to combine ministries and create a new, nonprofit Catholic health system.

HHS Announces Winning Solutions in Opioid Code-a-Thon

The U.S. Department of Health and Human Services (HHS) hosted this week a first-of-its-kind two-day Code-a-Thon to use data and technology to develop new solutions to address the opioid epidemic.

In GAO Report, More Concern over VA VistA Modernization Project

A recent Government Accountability Office (GAO) report is calling into question the more than $1 billion that has been spent to modernize the Department of Veterans Affairs' (VA) health IT system.

Lawmakers Introduce Legislation Aimed at Improving Medicare ACO Program

U.S. Representatives Peter Welch (D-VT) and Rep. Diane Black (R-TN) have introduced H.R. 4580, the ACO Improvement Act of 2017 that makes changes to the Medicare accountable care organization (ACO) program.