When, if ever, will there be actual consequences for school districts that still do not practice basic security hygiene? Comptroller DiNapoli has released yet another k-12 district IT audit where the are results so bad that they won’t make them public. From the state’s summary: Audit Objective Determine whether Mount Pleasant Central School District (District)…
Search Results for: DiNapoli
State audits of school district IT reveal why k-12 districts are sitting ducks for threat actors
On July 15, New York State Comptroller Thomas P. DiNapoli released the following school district audits. Clicking on the links will take you to the fuller reports, but even then, some things were so bad, it seems, that findings were told to the districts, but not put in writing in public reports that threat actors…
NYS Comptroller releases IT audit of True North Rochester Preparatory Charter School
One day, I’ll read an IT audit from NYS Comptroller DiNapoli and will smile at the good report. Today is not that day, however. The following is a summary of the audit of of True North Rochester Preparatory Charter School. According to the state, “the School’s IT network and assets are managed by an IT…
NYS audit of Glen Cove City School District finds deficiencies in IT procedures
NYS Comptroller DiNapoli has released the state’s audit of the Glen Cove City School District . The audit concerned portable electronic devices. Key findings from the audit: There was no written policy for notifying the IT office of new hires, keeping track of equipment assigned to employees and collecting equipment when an employee leaves District employment. The District’s…
NYS: Audit of Roswell Park Cancer Institute for ePHI security
NYS Comptroller DiNapoli’s Office released an audit of Roswell Park Cancer Institute’s security for ePHI under the requirements of HITECH. The summary reports: The institute has taken many steps to safeguard its electronic protected health information (ePHI) and meet security requirements. In addition, auditors found the institute has adequate protection policies in place and a plan to make…
NYS Comptroller: Stony Brook University Hospital Failed to Monitor Transcription Service Properly
From a press release by the NYS Comptroller: Stony Brook University Hospital’s Health Information Management Department repeatedly failed to comply with state guidelines and university policies related to contracting, vendor monitoring, and hiring or promotions, possibly costing taxpayers nearly $1 million, according to an audit released today by New York State Comptroller Thomas P. DiNapoli. […] “We…