Cybersecurity Flaws at FDA Put Health Data at Risk, GAO Says

  • 87 weaknesses in FDA’s systems include lack of firewalls
  • Agency needs a complete risk assessment, report says

Computer systems at the U.S. Food and Drug Administration are riddled with weaknesses that make confidential, personal health information vulnerable to potential hackers, a government watchdog said.

A review of the FDA’s online information systems found more than 80 weaknesses including a lack of cybersecurity firewalls, according to the Government Accountability Office, Congress’s investigative arm.

The GAO audit was part of a congressional initiative to fortify data security at government agencies that stockpile volumes of public data. The GAO made 15 recommendations for strengthening FDA’s systems, including a complete risk assessment, employee training and consolidation of systems.

“Significant harm to FDA’s reputation and economic damage to regulated industries could result if this information is not adequately protected against cyber threats,” the GAO said in the report.

FDA said it has begun adopting the recommendations in response to the report.

Before it's here, it's on the Bloomberg Terminal.