The Office of the Inspector General has requested a $400 million FY budget and an additional 284 full-time employees to help expand their audits of the healthcare industry’s use of electronic health records, HIPAA security, EHR incentive payments and fraud. Priorities for 2015 include:
- Identify EHR system fraud and determine “how certified EHR systems address these vulnerabilities.”
- Review Medicaid and Medicare EHR incentive payments and ascertain if providers or hospitals received payments they should not have received.
- Analyze the IT security of community health centers funded by the Health Resources and Services Administration.
- Review the Centers for Medicare & Medicaid Services health information technology systems and verify the agency adopted necessary security controls to protect EHR data.
“We will perform audits of various covered entities receiving EHR incentive payments from CMS and their business associates, such as EHR cloud service providers, to determine whether they adequately protect electronic health information created or maintained by certified EHR technology,” OIG officials outlined in the 2015 report.