The U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) Work Plan for fiscal year 2015 provides a view into the OIG's planned areas of focus for investigation and enforcement activities in the coming year. Unlike the previous year, where more than half of all the projects were new, there are only 19 new projects this year with none of those directed solely at physicians. The 2015 OIG Work Plan continues to focus heavily on hospitals as they have the distinction of having the most projects at 22.
According to the plan, much of the agency's ongoing work will continue, including focusing on emerging payment, eligibility, management, and information technology systems security issues in Affordable Care Act programs, such as the health insurance marketplace. Of particular note to a wide range of providers, the Work Plan also explains how the agency will focus on key areas of HIPAA compliance.
One key area of HIPAA compliance the OIG is investigating is health care professionals' and providers' implementation of EHR technology under the meaningful use program to prevent erroneous incentive payments. Although the full extent of OIG's review is unknown, it will likely include review of providers' EHR systems and policies to ensure compliance with meaningful use requirements. EHR security is another area of focus, with OIG planning to closely investigate the security of certified EHR technology. Providers subject to an audit of their EHR systems can expect OIG to review relationsips with business associates, in particular EHR cloud service providers, to determine whether adequate systems and policies are in place to protect electronic health information created or maintained by certified EHR technology.