HIX Data Hub Readiness Questioned by Lawmakers
Most of the committee member's questions were fielded by Kay Daly, the assistant inspector general for audit services in the Office of Inspector General at HHS.
Daly's office released just last month a report on the implementation of the data services hub [PDF] from a security perspective. It noted that a "security authorization decision by the authorizing official, the CMS Chief Information Officer, is expected on Sept. 30. CMS is working with very tight deadlines to ensure that security measures for the Hub are assessed, tested, and implemented by Oct. 1. If there are additional delays in completing the security assessment and testing, the CMS CIO may have limited information on the security risks and controls when granting the security authorization of the hub."
Daly said during her testimony that CMS had just reported that the security authorization was completed on Sept. 6. Daly's office had not yet been able to do a thorough assessment of the new information, she said.
Meehan confirmed with Daly the steps in the security authorization process, including beta testing to identify the program flaws, making repairs, and then retesting. "Two or three weeks ago they couldn't certify to us that they had begun the beta testing," Meehan said, "do you believe that they made up all that work in such a short time?"
- Senators Hear How Two-Midnight Rule Harms Patients, Hospitals
- 3 Management Lessons from a Supermarket Debacle
- Handshaking Spreads Germs. Get Over It.
- Healthcare Costs Start With What We Eat
- Hospitals Likely to Outsource ICD-10 at Launch
- IOM Identifies GME Problems, Calls for Finance Changes
- CMS Confirms ICD-10 Deadline
- Anatomy of 3 Health System Rebranding Efforts
- Premium Subsidy Fight Creating Uncertainty for Hospitals, Health Plans
- 2015 HIX Premium Hikes May Top 7%