Security News > 2020 > February > Watchdog Agency: Improper Use of Medicare Data Rampant

The Department of Health and Human Services Office of Inspector General on Friday released findings of an audit it conducted at the request of the Centers of Medicare and Medicaid Services that looked into how a mail order pharmacy and other healthcare providers were misusing a type of electronic transaction meant to verify Medicare beneficiaries' eligibility for certain coverage benefits.

HHS OIG confirmed to Information Security Media Group that the findings from that smaller scale audit prompted the launch of a more expansive nationwide investigation into whether Medicare beneficiary information is being inappropriately obtained through these electronic Eligibility Verification Transactions, also known as or E1 transactions, violating patients' privacy.

The E1 transactions are meant to provide coverage information about Medicare beneficiaries in order for pharmacies and other authorized entities that dispense drugs to bill for a prescription or determine drug coverage "Billing order" when the beneficiary is covered by more than one insurance plan.

HHS OIG also notes that the improper E1 transactions also involved potential violations of HIPAA. "E1 transactions require protected health information to determine the beneficiary's eligibility coverage, which is protected by HIPAA [to] protect the confidentiality and integrity of electronic PHI while it is being electronically stored or transmitted between entities," HHS OIG writes.

The widespread problems HHS OIG found in the relatively small sampling of entities and E1 transactions examined suggest that privacy, identity theft, fraud and related risks to Medicare beneficiaries could be pervasive nationwide.

News URL

https://www.inforisktoday.com/watchdog-agency-improper-use-medicare-data-rampant-a-13727