The U.S. Defense Department (DoD) Inspector general revealed that it will conduct the first in a series of security audits of the U.S. Army’s electronic health record system.
The purpose of the audit, “is to determine whether the Army designed and implemented effective security protocols to protect electronic health records and individually identifiable health information from unauthorized access and disclosure,” according to a memorandum from Carol Gorman, assistant IG for readiness and cyberoperations.
[Also: CIO LaVerne Council says VA needs new EHR with analytics, cloud, patient experience capabilities]
The audit will take place at the U.S. Army Medical Command, the enhanced Multi-Service Market led by the Army in the Puget Sound Region in Washington, the Army medical center at Joint Base Lewis-McChord, Washington, and one Army hospital and clinic each at Fort Carson, Colorado.
The Inspector General’s office raised security concerns about the Army’s EHR earlier this year.
In March, the office, in an audit summary recommended that DoD re-examine whether its Defense Healthcare Management Systems’ deadline for implementing its new electronic medical records system is achievable, citing security questions among others.
“While the DHMSM program office has identified risks and mitigation strategies,” the audit said, “it is still at risk for obtaining an EHR system by the December 2016 initial operational capability date because of the risks and potential delays involved in developing and testing the interfaces needed to interact with legacy systems, ensuring the system is secure against cyberattacks, and ensuring the fielded system works correctly and that users are properly trained.”
Twitter: @HealthITNews