EsqSocial

On June 21, 2021, OIG released a report titled “Medicare Lacks Consistent Oversight of Cybersecurity for Networked Medical Devices in Hospitals” (OEI-01-20-00220) (the OIG Report). OIG determined that CMS’s accreditation survey protocol does not include requirements for networked device cybersecurity, and Medicare Accreditation Organizations (AOs) do not employ their discretion to require hospitals to have cybersecurity plans. OIG recommended that CMS take additional steps to address...
By: King & Spalding