All AgenciesPartially ImplementedPartially ImplementedImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially Implemented
Department of Health
Exempt w/ Plan1,450 employeesLast assessed Jan 22, 2026PHI / HIPAA
Medium
58%Compliant
1
Families Implemented
16
Partially Implemented
0
Not Implemented
Overall Control Implementation147 of 236 controls (62%)
NIST SP 800-53 Control Families
AC
Access Control
15/25
AU
Audit and Accountability
10/16
AT
Awareness and Training
4/5
CM
Configuration Management
7/11
CP
Contingency Planning
8/13
IA
Identification and Authentication
9/12
IR
Incident Response
6/10
MA
Maintenance
4/6
MP
Media Protection
5/8
PE
Physical and Environmental Protection
14/20
PL
Planning
6/9
PS
Personnel Security
5/8
RA
Risk Assessment
4/7
CA
Security Assessment and Authorization
5/9
SC
System and Communications Protection
26/44
SI
System and Information Integrity
9/17
PM
Program Management
10/16