OIG names 2017 goals: Bolstering HHS and NIH data security, tackling EHR challenges

As outlined in HHS Office of Inspector General's 2017 work plan, the agency will also review the FDA's plan to address cybersecurity issues of medical devices.
By Jessica Davis
01:28 PM

The Office of Inspector General has the National Institute of Health's security and data control in its crosshairs. Its recently released 2017 agenda highlighted the need to ensure protection and privacy of Precision Medicine Initiative volunteer data.

The 2016 fiscal year budget provided $200 million to NIH for PMI and more than 1 million volunteers will provide personal health information under the program to be studied by researchers. Official said securing this data is a high priority.

OIG also plans to audit HHS information security system security controls that track prescription drug disbursements. Officials will determine if these HHS applications – such as the network, tools and databases – meet federal information security standards.

Further, officials will also determine HHS compliance with the Federal Information Security Modernization Act of 2014.

The U.S Department of Health and Human Services OIG Work Plan for fiscal year 2017 outlines both new and ongoing OIG projects within the HHS operations and programs.

"Our organization protects the integrity of HHS programs and operations and the well being of beneficiaries by detecting and preventing fraud, waste and abuse; identifying opportunities to improve program economy, efficiency and effectiveness; and holding accountable those who don't meet program requirements or who violate Federal healthcare laws," the report authors noted.

Also included in the plan are reviews to address issues with electronic health records. OIG will determine the extent of which providers in ACOs in the ASSP use EHRs for health information exchange to meet care coordination goals, as well as challenges to HIE like interoperability, financial barriers and information blocking.

Further, OIG will look at the U.S. Government Accountability Office's findings on improper incentive payments – the biggest risk for EHR incentive programs. OIG will assess CMS safeguards to prevent invalid meaningful use payments.

OIG will also audit providers who have received meaningful use payments to verify patient information is being properly protected.

Another important note from the report: OIG will review the FDA's plans to address the cybersecurity flaws in medical devices.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Healthcare IT News EHR Satisfaction Survey 2016
⇒ Comparison chart: How readers rated their EHR in 2016 vs. 2015
⇒ EHRs getting better? Readers rank them higher than last year
Health IT executives have a new favorite dirty word 
EHR interoperability: Ripe for disruption?

Like Healthcare IT News on Facebook and LinkedIn

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.