October 2009

The Health IT Standards Committee within the Department of Health and Human Services will begin an unprecedented effort to get the public's view on how our work might "pull forward" the benefits of healthcare information technology (IT). Specifically, we're interested in uncovering new strategies to accelerate the adoption of health IT standards. This effort began with the passage of the American Recovery and Reinvestment Act of 2009, calling for recommendations on standards to promote safe, secure, healthcare information exchange. "Standards" are really the guardians of quality, consistency, and interoperability. Without thoughtful, clear and uniform standards, we cannot enable the seamless and secure exchange of electronic health information (or the benefits that accrue to providers and patients from such protected exchanges). So, while the exploration of technical standards may seem mundane to some, it is foundational to electronic health records (EHRs) and electronic health information exchange more broadly. In other words, it's worth paying some attention to, and voicing your opinions.

US policies toward defending against cyber warfare need to take a different approach than the government has against other forms of attack, three cybersecurity experts said Thursday. It will be difficult for the US government to voice and follow through with a policy of cyber deterrence, like it has with nuclear attacks, said Martin Libicki, a senior management scientist specializing in cybersecurity at Rand, a nonprofit think tank. First, it's difficult to identify attackers, especially when some nations appear to be sponsoring private attackers, he said during a meeting of the Congressional Cyber Caucus. But it may also be difficult for the U.S. to follow through with threats of counter attacks, when U.S. cyber experts don't know how much damage the attacks could do, he added. With cyber attacks, some countries may be willing to gamble on the U.S. capability, unlike with nuclear attacks, he said.

[Commentary] Recent data provided newspaper lovers with fodder for despair and newspaper haters with fodder for glee. It might be a case of making too much of a few numbers and ignoring some important ones. First of all, there's nothing ipso facto shocking about a decline in patronage of 10 percent in six months. Many political blogs and cable news shows have seen their audiences fall by much more than 10 percent since the feverish fall of 2008. And advertising at plenty of online publications has fallen by a similar amount.

The economic stimulus law is causing numerous new health information technology audits at the Health and Human Services Department, according to a new fiscal 2010 work plan released by HHS' Office of Inspector General. Under the law, the Centers for Medicare and Medicaid Services (CMS) will distribute about $30 billion in incentive payments to doctors and hospitals through 2016. Medicare will pay about $18 billion, and Medicaid around $12 billion, according to the Congressional Budget Office. Those payments will go to providers that have purchased and demonstrated the so-called "meaningful use" of certified electronic health record systems. Oversight of those payments, implementation of IT system modifications to manage those payments, reviews of frauds and errors related to those payments, and audits of breach notification requirements are among the areas for IT-related audits to be started in fiscal 2010 as a result of the stimulus law, the work plan states. The plan was made available recently on the HHS IG's Web site recently. The IG intends to review CMS' oversight and program management and the procedures to prevent duplicative and fraudulent incentive payments and CMS' compliance with the law's new breach notification requirements for personally identifiable information and medical identity theft.