Health Information Management

Work Plan for FY 2016 released

HIM-HIPAA Insider, November 9, 2015

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

Office for Civil Rights (OCR) oversight and the security of ePHI are on the Office of the Inspector General’s (OIG) list for 2016. The OIG released its Work Plan for FY 2016, which summarizes new and current OIG reviews of HHS programs and operations. Among the issues OIG is planning to review are security of networked medical devices at hospitals and OCR’s oversight of ePHI.

OCR can continue to expect scrutiny in the coming year. The OIG’s planned review will focus on whether OCR’s oversight of the security of ePHI is adequate. The work plan cites previous OIG audits that found OCR had not “assessed the risks, established priorities, or implemented controls for its HITECH Act requirement to provide for periodic audits of covered entities and business associates to ensure compliance with HITECH Act and HIPAA Rule requirements.” These audits also revealed vulnerabilities in the systems that protect ePHI. The OIG notes that these weaknesses mean that OCR has “limited assurance that covered entities and business associates adequately protected ePHI.”

The OIG will also review the U.S. Food and Drug Administration’s management of the security of computerized networked medical devices, including dialysis machines, radiology systems, and other systems that are integrated with electronic medical records, to determine if current security measures provide sufficient protection for ePHI.
 



Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

    Briefings on APCs
  • Briefings on APCs

    Worried about the complexities of the new rules under OPPS and APCs? Briefings on APCs helps you understand the new rules...

  • HIM Briefings

    Guiding Health Information Management professionals through the continuously changing field of medical records and toward a...

  • Briefings on Coding Compliance Strategies

    Submitting improper Medicare documentation can lead to denial of fees, payback, fines, and increased diligence from payers...

  • Briefings on HIPAA

    How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for...

  • APCs Insider

    This HTML-based e-mail newsletter provides weekly tips and advice on the new ambulatory payment classifications regulations...

Most Popular