All AgenciesPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedNot ImplementedPartially ImplementedPartially ImplementedPartially ImplementedNot ImplementedPartially ImplementedPartially ImplementedPartially ImplementedPartially ImplementedNot ImplementedPartially ImplementedPartially ImplementedPartially Implemented
Human Services Department
Non-Compliant2,100 employeesLast assessed Jan 10, 2026PII / Medicaid / HIPAA
High
31%Compliant
0
Families Implemented
14
Partially Implemented
3
Not Implemented
Overall Control Implementation71 of 236 controls (30%)
NIST SP 800-53 Control Families
AC
Access Control
8/25
AU
Audit and Accountability
4/16
AT
Awareness and Training
2/5
CM
Configuration Management
3/11
CP
Contingency Planning
2/13
IA
Identification and Authentication
5/12
IR
Incident Response
3/10
MA
Maintenance
2/6
MP
Media Protection
1/8
PE
Physical and Environmental Protection
10/20
PL
Planning
3/9
PS
Personnel Security
4/8
RA
Risk Assessment
2/7
CA
Security Assessment and Authorization
1/9
SC
System and Communications Protection
12/44
SI
System and Information Integrity
5/17
PM
Program Management
4/16
Remediation Required by Aug 1, 2026
Conduent breach exposed critical gaps in MMIS systems. Immediate remediation plan required for all HIPAA-covered systems. Legacy mainframe migration must be prioritized.