HHS OIG 2017 work plan continues scrutiny of EHRs

The Department of Health and Human Services Office of Inspector General (OIG) seems to have given itself a bit of a breather when it comes to its investigation of electronic health record-related issues in its 2017 work plan.

While the plan, published Nov. 10, makes note of several health IT and EHR concerns specified in prior plans, it doesn't add any EHR-related issues to the 2017 work plan.

OIG will continue to review:

  • The extent to which providers participating in accountable care organizations in the Medicare Shared Savings Program use EHRs to exchange health information to achieve care coordination goals and providers’ use of EHRs to identify best practices and possible challenges to exchange and use of health data, such as the degree of interoperability, financial barriers or information blocking
  • Medicare incentive payments and safeguards to prevent erroneous payments
  • Incentive payment data to identify providers who didn’t meet selected Meaningful Use Criteria
  • The Centers for Medicare & Medicaid Services' plans to oversee payments and corrective actions taken
  • Covered entities to determine whether they adequately protect EHR information created or maintained by certified EHR technology, specifically referencing the need to conduct security risk analyses

OIG reported that it has completed its review of Medicaid incentive payments for adopting EHRs, as well as its investigation of whether hospitals had adopted EHR contingency plans.

In 2016, OIG had added two new areas to examine. It also did not add back in several EHR-related issues in prior work plans that had subsequently been removed, such as whether cloud services providers are adequately securing electronic protected health information or CMS’ oversight of networked medical devices.

OIG did, however, leave the door open to adding more EHR-related issues to its work plan in the future, using the same language as the 2016 work plan:

“Going forward, OIG’s planning efforts will consider the significant challenges that exist with respect to health IT adoption; Meaningful Use; and interoperability across providers, across HHS, and between providers and patients," OIG states. "Future work may also examine the outcomes from health IT investments. OIG expects to broaden its portfolio regarding information privacy and security, including issues that arise from the continuing expansion of the Internet of Things."