Department of Health

Healthcom Network Security Controls (Follow-Up Report)

The Department of Health maintains sensitive and confidential data on various computer systems, many of which are operated on or connected to an internal Department computer network called Healthcom. As is noted in report 2002-S-34, we audited selected aspects of the security controls in place over the Healthcom network and found that certain improvements could be made in these controls. When we followed up on these matters with Department officials, we found that they had taken numerous actions to implement our audit recommendations, but additional actions were still needed. To protect the security of the network’s operations, our detailed audit findings were not included in either our original audit report or our follow-up report.

For a complete copy of Report 2005-F-3 click here.
For a copy of the 90-day response click here.