HHS Under the Microscope

HHS Under the Microscope

While President-elect Trump’s pick for U.S. Department of Health and Human Services (HHS) Secretary, Robert F. Kennedy, Jr., put the agency in even international newspapers this week, the department governing public health and healthcare quality quietly had two notable reports attached to it that highlight a pair of issues it is responsible for that are likely to be found in the spotlight through the next few years.

The HHS Office of Inspector General (OIG) published a report last week examining how well hospitals are complying with price transparency requirements – or, as the results showed, how few hospitals are actually complying. OIG stated that the agency conducted the audit because it believes a lack of transparency and compliance with the 2021 final rule is to blame for the projected jump in healthcare spending in the future.

The report cites a Centers for Medicare & Medicaid Services (CMS) projection that healthcare spending is on track to account for 20 percent of the American economy by 2027. It also noted that Congress and the media have expressed concern over an apparent lack of compliance with transparency rules.

A total of 100 hospitals were randomly selected, and 37 of them did not comply with federal law. A total of 34 failed to comply with a requirement related to machine-readable files (MRFs), while 14 failed to comply with a requirement related to displaying shoppable services. OIG estimates that almost half of the 5,900 hospitals nationwide that are required to comply with the final rule do not, in fact, comply with requirements related to publicly displaying standard charges. 

The report suggests that hospital staff believe that this lack of enforcement is due to confusion or uncertainty about specific requirements, limited resources, and a lack of assistance from CMS. And indeed, the report indicates that CMS’s enforcement mechanisms are not sufficient to ensure compliance. CMS officials apparently agreed, citing staffing issues. However, the report found that CMS has made strides this year and last in reviewing higher numbers of hospitals, assigning additional staff to reviews, and imposing civil penalties on noncompliant hospitals, and the agency cited improved rulemaking regarding the standardization of MRFs that should also shore up its enforcement power.

The report ended with a few recommendations on the issue, and while any incoming president and administration often rolls back certain policies and regulations when they take over, it is unlikely that the Trump Administration will stop or slow price transparency or other consumer-centric healthcare policies. The original transparency regulations, in fact, were published and subsequently defended in court under his first administration, so it is likely that another Trump administration will continue the support and enforcement of these and similar policies.

In another report, the U.S. Government Accountability Office (GAO) said that HHS is not meeting the mark when it comes to leading the charge on healthcare cybersecurity. Noting the dramatic increase in healthcare cybersecurity incidents over the last few years, the report highlighted the “challenges” HHS has faced in implementing cybersecurity initiatives to mitigate risk and collaborate with other government agencies on improving practices.

This includes several areas in which the agency reportedly falls short: not adequately monitoring the healthcare sector’s implementation of ransomware mitigation practices, not evaluating how effective its support (which comes in the form of documents, trainings, and threat briefings) is to the sector, and not coordinating properly with other cybersecurity-focused groups, agencies, and the states.

This report also ended with recommendations for HHS, suggesting that the agency determine how well the healthcare sector is adopting ransomware risk reduction strategies, evaluate which types of support are most effective to the sector, and coordinate with other agencies and states to make sure policies and requirements are consistent across the healthcare sector, as opposed to patchworked.

We also expect that the new Congress and the Trump Administration will likely continue to focus on cybersecurity in the healthcare space. We expect that that focus will be both inward-facing, at what the government should be doing, and externally, at how the commercial healthcare space can shore up its cyber defenses.

Facebook
Twitter
LinkedIn

You May Also Like

Leave a Reply

Please log in to your account to comment on this article.

Subscribe

Subscribe to receive our News, Insights, and Compliance Question of the Week articles delivered right to your inbox.

Resources You May Like

Trending News

Happy National Doctor’s Day! Learn how to get a complimentary webcast on ‘Decoding Social Admissions’ as a token of our heartfelt appreciation! Click here to learn more →

Unlock 50% off all 2024 edition books when you order by July 5! Use the coupon code CO5024 at checkout to claim this offer!

CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24