Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it's official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Cybersecurity Testing of HHS and Consumer Mobile Applications

Various HHS OpDivs use mobile applications as alternative ways to reach mobile device users. Cybersecurity researchers have indicated that a large majority of Android and iOS apps across every industry lack the most basic security protections. HHS-OIG will perform a series of penetration test audits of certain mobile applications to determine whether security controls protecting HHS and its OpDivs' mobile applications are effective in preventing certain cyberattacks. Also, as part of this work, we will determine whether HHS and its OpDivs are following required security standards and policies for the development and vetting of mobile apps. HHS-OIG will perform this work because of the steady increase in the use of mobile apps by HHS and its OpDivs to provide access to health services.

Announced or Revised Agency Title Component Report Number(s) Expected Issue Date (FY)
Revised CDC, NIH, AHRQ Cybersecurity Testing of HHS and Consumer Mobile Applications Office of Audit Services W-00-22-42040 2025