OIG Issues Questionnaire on Electronic Health Record Security Practices


The HHS Office of Inspector General (OIG) has issued an 18-page, 54-question survey regarding the safety and audit practices used by hospitals to safeguard information stored in electronic health records (EHRs).  These surveys are directed to a number of eligible hospitals that have successfully attested to meaningful use of certified EHR technology under the HITECH Act.  The survey was due back to OIG by October 26, 2012, but we understand that some providers have been granted extensions.  The questionnaire is available by clicking here.

The questionnaire focuses on several areas of interest: coding practices; user authentication procedures; access to the EHR by entities other than the hospital; audit log use and capabilities; procedures for entry of physician progress and nursing notes into the EHR; export of information from the EHR; patient access; and “copy and paste” capabilities.

The questionnaire is the most recent in a series of events scrutinizing provider use of EHRs.  On September 22, 2012, the New York Times reported that some experts believe providers are using EHRs to bill for medically unnecessary services.  Shortly after publication of that article, Attorney General Eric Holder and HHS Secretary Kathleen Sebelius issued a joint letter to the major hospital trade associations warning against misuse of EHRs.  The letter particularly focused on providers cutting-and-pasting progress notes and diagnoses from one patient record to another without any indication of specific, individualized evaluation.  These developments were summarized in detail in the October 1, 2012 edition of Health Headlines, available by clicking here.

Reporter, Christopher Kenny, Washington, D.C., +1 202 626 9253, ckenny@kslaw.com.

Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© King & Spalding | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.