Health Net and Centene Agree to Pay Over $11 Million to Settle Allegations of Cybersecurity Violations in DoD TRICARE Program Administration
Health World News

Health Net and Centene Agree to Pay Over $11 Million to Settle Allegations of Cybersecurity Violations in DoD TRICARE Program Administration

Health Net Federal Services Inc. (HNFS), a subsidiary of Centene Corporation, has agreed to pay over $11 million to settle allegations that it failed to comply with cybersecurity requirements in a contract with the U.S. Department of Defense (DoD).

The issue stems from the company’s management of the TRICARE health benefits program for servicemembers and their families.

The Allegations Behind the Settlement

The allegations date back to between 2015 and 2018, during which time HNFS reportedly failed to meet certain cybersecurity standards required by its contract with the Department of Defense.

These included failing to scan for vulnerabilities in their network and not fixing known security flaws on time.

The company also allegedly ignored internal audits and reports from third-party security auditors regarding several cybersecurity risks.

According to the U.S. Department of Justice, HNFS had falsely certified compliance with the cybersecurity requirements in its annual reports to the Defense Health Agency (DHA), which oversees the TRICARE program.

Government Officials Respond to the Settlement

Acting Assistant Attorney General Brett A. Shumate, head of the Justice Department’s Civil Division, emphasized the importance of protecting sensitive government data, especially information concerning servicemembers.

He stated, “Companies that hold sensitive government information must meet their contractual obligations to protect it.”

Similarly, Acting U.S. Attorney Michele Beckwith for the Eastern District of California stressed that by failing to meet cybersecurity requirements, HNFS had not only violated its contract but had also failed in its duty to protect the families of military personnel.

Settlement Marks the Importance of Cybersecurity Protection

This settlement is a reminder of the critical importance of safeguarding government data, particularly information related to the health and well-being of servicemembers and their families.

Kenneth DeChellis, Special Agent in Charge of the Cyber Field Office at the Defense Criminal Investigative Service (DCIS), stated that the settlement reflects the significance of protecting TRICARE from cyber threats.

The case was handled by the Civil Division’s Fraud Section, the U.S. Attorney’s Office for the Eastern District of California, and supported by multiple offices of the DoD’s Inspector General.

The DoD continues to take cybersecurity violations seriously and is committed to investigating contractors who fail to comply with federal cybersecurity requirements.

No Final Determination of Liability

Although a settlement has been reached, it’s important to note that the claims made against HNFS and Centene are merely allegations at this stage, and no final determination of liability has been made.

The settlement amount will go toward resolving the concerns raised in the case, ensuring that government contracts related to sensitive information are more carefully monitored moving forward.

This article was published on TDPel Media. Thanks for reading!

Share on Facebook «||» Share on Twitter «||» Share on Reddit «||» Share on LinkedIn