Deeper Than the Headlines: September 2017 OIG Work Plan Updates

The OIG has updated their work plan in the last year more frequently than in the past and recently added nine more items in September of 2017. Anytime the OIG updates their work plan, I think it’s important to take a deep dive into the new content. So, let’s chat about four of the nine new items.

If you’re new to the Healthicity blog, you can find my last update here.

HHS Incident Response Capability:

Healthcare providers are increasingly on the hook for data security and privacy responsibilities. Well, what about the government?  The OIG appears to be trying to address this question by adding “HHS Incident Response Capability” to their work plan.

The newly added item states, “FISMA requires Federal agencies to implement policies and procedures for detecting, reporting, and responding to security incidents. Increased threats to critical cyber-based infrastructure systems have created a need for Government agencies to increase their computer security efforts. Incidents involving cyber security and privacy threats, such as malware, malicious user activity, and vulnerabilities associated with highly interconnected technology require a skilled and rapid response to reduce their likelihood and to reduce or mitigate loss or destruction of data, loss of funds, loss of productivity, and damage to the agency's reputation. We will determine whether HHS has sufficiently implemented incident response capabilities to safeguard the Department's information technology systems and data.”

Medicaid Health Home Services for Beneficiaries with Chronic Conditions:

CMS has approved certain optional Medicaid State Plan benefits for 21 states and D.C. for health home programs. Health homes are meant to coordinate care for Medicaid beneficiaries who have chronic medical conditions. States receive significant funding from the federal government for these types of programs. There are more than 1 million Medicaid beneficiaries enrolled in these programs and OIG intends to “review Medicaid health home programs for compliance with relevant Federal and State requirements.”

Medicaid Nursing Home Life Safety Reviews

Recently, Long Term Care facilities experienced updated CMS requirements relating to facilities’ life safety and emergency preparedness.  For example, there were requirements regarding fire safety such as sprinkler and smoke detector systems as well as training residents annually for sheltering in place and evacuation.

According to the work plan addition, the “OIG is reviewing this area because residents of LTC facilities are particularly vulnerable to the risk of fires, since many of these residents have limited or no mobility. Our objective is to determine if LTC facilities that received Medicare or Medicaid funds complied with new Federal requirements for life safety and emergency preparedness for the period May 4, 2016, through November 15, 2017.”

Availability of Behavioral Health Services in Medicaid Managed Care

In the U.S., the single largest payer for behavioral health services is Medicaid. Such services include treatment for mental health conditions (such as bipolar disorder) and substance abuse disorders (such as opioid dependence). Some current research shows there might be a shortage of providers willing to provide these kinds of services to Medicaid managed care networks suggesting there may not be enough providers to meet the needs of the Medicaid population.

The OIG work plan addition “will determine the extent to which Medicaid managed care plans include behavioral health providers and whether enough providers are available to meet the needs of the Medicaid population.”

These are four of the nine updates. For all nine of the September updates visit the OIG’s website.

Any questions or comments about the new updates? Put it in the comments below!