New secretary of the U.S. Department of Health and Human Services

Kathleen Sebelius served as the secretary of the U.S. Department of Health and Human Services (HHS) for five years before resigning this week. Sebelius served as the representative for the troublesome roll-out of HealthCare.gov and it has been suggested that she sees the March 31 deadline for sign-ups under the Affordable Care Act (ACA) as a good time to transition leadership.

President Obama has nominated Syliva Mathews Burwell to fill the role. Burwell currently serves as director of the Office of Management and Budget.

ONC restructuring workgroups to meet the needs of today’s healthcare environment.

This week, at the Health Information Policy Committee, covered by Healthcare IT News, Karen DeSalvo, the National Coordinator for Health Information Technology urged the panel to consider what needs to change in the organization. DeSalvo suggested restructuring the existing workgroups to allow consumer and privacy advocates to participate in all areas. The revised workgroups suggested are: HIT Strategic Planning, Advanced Health Models and Meaningful Use / MIPS, HIT Implementation, Usability and Safety, and Interoperability and Health Information Exchange.

Medicare Part B payments published for the first time, ever.

On Wednesday of this week, the Centers for Medicare and Medicaid Services (CMS) published the Medicare Part B payment records for individual physicians and physicians practices. The payment records were made available in response to demand for more transparency on the part of CMS as it relates to physician billing records.

The data shows that routine office visits account for the largest share of Medicare physician payments. In the coming weeks, analysts will look over the data to identify payment trends and expose outliers among services and providers.

Coverage on this story in Modern Healthcare also addresses the American Medical Association’s (AMA) concerns over the release of the data.

Review of CMS’ Security Risk Assessment tool.

HHS reports that 931 breaches occurred in 2013, affecting nearly nine million patients. The Office for Civil Rights (OCR) also publishes its resolution agreements, and three of the last four provider-based agreements specifically call out the inadequacy of a risk analysis as one of the key compliance issues.

Because of their concern regarding the inadequacies of the risk analyses currently in place at provider organizations, the HHS Office of the National Coordinator for Health Information Technology (ONC) and OCR released a security risk assessment (SRA) tool to help guide healthcare providers to conduct adequate risk assessments of their organizations. The tool is primarily focused on small to mid-sized physician practices, but providers of all sizes can use it as part of their assessments of information security risks required by the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and the core requirement to protect health information provided in the Meaningful Use / MIPS rule. A detailed review of the tool can be found on the Phoenix Health Systems’ blog.