The Health and Human Services Department’s inspector general plans to take a cold, hard look at the department’s privacy and security policies with a particularly close eye on initiatives of the HITECH Act, which enshrined health IT practices into HHS regulation.
The IG’s work plan for 2011, as reported by GovInfoSecurity, indicates five areas of focus:
The Medicare and Medicaid electronic health records incentive program
One of the provisions of the HITECH Act and of the healthcare law passed last year would provide incentives for healthcare providers that can show “meaningful use” of EHR initiatives.
The IG will focus on stopping and remedying payments made in error.
Health Information Exchanges
Another area of focus will be on the Office of the National Coordinator for Health IT’s standards and certification criteria for health information exchanges. Just this week, the ONC announced the final steps in a national program for EHR certification.
The IG will ensure quality controls for the certification program are in place.
CMS IT Upgrade
As the Centers for Medicare and Medicaid undergo a sweeping IT overhaul, the inspector general will focus on keeping the information contained in EHRs secure.
HIPAA Security, Medical Identity Theft
Finally, the IG will focus on HHS Office of Civil Rights’ oversight of HIPAA compliance as well as CMS policies for medical identity theft.