The OIG has added two more items to their Work Plan in September of 2018. Let’s take a quick look.
Enforcement in opioid use and abuse has been on the rise so it’s not surprising the OIG is adding another opioid issue to their work plan. This time it’s in opioid use in the Indian Health Service. According to the OIG, opioid abuse and overdose deaths are at crisis levels in the United States, with approximately 49,000 Americans dying from opioids in 2017, an increase from more than 42,000 in 2016. Consistent with previous OIG work in Medicare Part D and Medicaid, the OIG will determine the extent to which beneficiaries are receiving extreme amounts of opioids through Indian Health Service (IHS), as well as IHS-employed prescribers and IHS-run pharmacies that have questionable prescribing or dispensing patterns. This review will also determine how IHS prevents and detects opioid misuse or abuse, as well as how it enforces its opioid-related policies.
The second area the OIG added in September is a follow-up review of a Head Start Grantee. Specifically, a community-based, not-for-profit organization was awarded a Head Start grant to provide early childcare, social services, education, health, nutrition, and related services to children and their families at three centers in the Bronx, New York. The Administration for Children and Families requested that the Office of Inspector General conduct an audit of this grantee because of its high risk of noncompliance with Federal requirements. OIG will determine whether this grantee claimed Head Start costs that were allowable under applicable Federal regulations and the terms of the grant. The review will focus on two specific areas: the related-party transactions and the restitution of embezzled funds.
In other news, Hurricane Florence has affected HIPAA regulations in addition to the terrible toll it has been taking on life and property in North Carolina. As part of his declaration of a Public Health Emergency (PHE), HHS Secretary Alex Azar has waived sanctions and penalties under certain provisions of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule that may otherwise apply to covered hospitals, including provisions that generally require covered entities to give patients the opportunity to agree or object to sharing information with family members or friends involved in the patient’s care. This waiver applies only to the emergency area and for the emergency period identified in the PHE declaration and only to hospitals that have instituted a disaster protocol. Qualifying hospitals can take advantage of the waiver for up to 72 hours from the time the hospital implements its disaster protocol unless the PHE declaration terminates first.
Even without a waiver, the Privacy Rule allows patient information to be shared to assist in disaster relief efforts and to assist patients in receiving the care they need. As explained in more detail in OCR’s Bulletin on Hurricane Florence and HIPAA, the Privacy Rule permits covered entities to share information for treatment purposes, public health activities, and to prevent or lessen a serious and imminent threat to health or safety. The Privacy Rule also allows the sharing of information with individuals’ family, friends, and others involved in their care in emergency situations to ensure proper care and treatment.
“HHS is committed to leaving no one behind during disasters, and this guidance is designed to help emergency responders and health and human service providers meet that goal,” said Roger Severino, OCR Director. “OCR also provides technical assistance on HIPAA and civil rights to emergency responders and hospitals so they feel empowered to help people and families in crisis.”
CJ Wolf
Questions or Comments?