Updated OIG Work Plan focuses on EHRs and ACOs, interoperability
The Department of Health and Human Services Office of Inspector General (OIG) has updated its work plan with a new focus area on EHRs.
Several older items have been deleted but the 2015 update says that the OIG will review the use of EHRs by accountable care organizations to coordinate care.
"We will review the extent that providers participating in ACOs in the Medicare Shared Savings Program use electronic health records [EHRs] to exchange health information to achieve their care coordination goals," according to the plan. "We will also assess providers' use of EHRs to identify best practices and possible challenges in their progression toward interoperability [the extent that information systems can exchange data and have the ability to interpret those shared data]."
OIG has several EHR-related priorities that will remain in the 2015 work plan including the following:
- The extent to which hospitals comply with HIPAA's EHR contingency planning requirements
- Whether providers that received Medicare and/or Medicaid Meaningful Use incentive payments were entitled to the money
- Whether covered entities are adequately securing electronic patient protected health information created or maintained by certified EHR technology; OIG specifically states that hospitals must conduct security risk analyses
The updated plan now does not include a review of whether business associates, such as cloud services and other downstream service providers, are adequately securing electronic patient protected health information or a review of the Centers for Medicare & Medicaid Services' oversight of hospitals' security controls over networked medical devices.
The organization said it will continue to focus on emerging concerns, including IT systems security vulnerabilities in reform programs, and possibly the security of electronic data and the exchange of health IT.
Read the work plan update.