The OIG will focus multiple audit and inspection projects on information systems, cybersecurity practices, data integrity and digital services across the HHS system and Department of Family and Protective Services. These audits signal the state’s interest in tightening oversight of how vendors handle sensitive data and compliance obligations.
Part of the focus, according to the plan, is to look for "programs, services, providers and contractors with an elevated potential for fraud, waste and abuse."
Among the technology-focused audits scheduled:
- IT Security and Continuity: Audits will assess whether managed care organizations (MCOs) and local behavioral health authorities have effective safeguards in place to protect confidential HHS data and maintain continuity of operations.
- TIERS Data Integrity: The Texas Integrated Eligibility Redesign System, a core component of benefits processing, will undergo a continued review to evaluate the effectiveness of its automated and manual processing controls.
- Financial Systems Oversight: OIG will review how MCOs prepare and report expenses on their financial statistical reports, testing for compliance with laws and contract requirements and evaluating internal control design and effectiveness.
- Vital Records Security: The audit of the Department of State Health Services’ Vital Statistics Unit will examine system and document security around the processing of birth certificates.
- Cost Reporting Systems: Providers participating in programs such as Home and Community Based Services and Federally Qualified Health Centers will be reviewed for accuracy and completeness in their electronic cost reporting submissions.
The plan also notes that audits may be reprioritized based on emerging risks or resource shifts.
The full audit plan is available from the Texas Health and Human Services Office of Inspector General.
