The Board had significant weaknesses in the controls to protect its data, which contains sensitive medical and other confidential information.
To minimize security risks, auditors communicated details separately to the Board’s management in writing.
Pursuant to Standard 9.61 of the U.S. Government Accountability Office’s Generally Accepted Government Auditing Standards,
certain information was omitted from this report because that information was deemed to present potential risks related to public safety,
security, or the disclosure of private or confidential data. Under the provisions of Texas Government Code, Section 552.139, the omitted
information is also exempt from the requirements of the Texas Public Information Act.
Jump to Chapter 5