HHS Budget Cuts: What About Privacy, Security Initiatives?Trump's 'Skinny Budget' Draft Is Light on Details
So, what do we know so far about the Trump administration's plans for funding health data security and privacy initiatives in fiscal 2018? Not much, based on the so called "skinny budget" document the White House released on March 16.
See Also: Live Webinar: Digital Identity Trust
We do know that Trump proposes to slash the Department of Health and Human Services' budget by $15.1 billion, or nearly 18 percent, to $69 billion.
Will protecting health data privacy and security be among HHS' priorities in the Trump administration?
Two HHS agencies critical to health information security and privacy related issues - the Office of the National Coordinator for Health IT, which oversees health IT standards and policies, including those related to secure health health data exchange, and the Office for Civil Rights, which enforces HIPAA - aren't mentioned in the Trump administration's preliminary budget.
An HHS spokesman tells Information Security Media Group that more detailed budget documents from the White House's Office of Management and Budget likely will be issued in the spring. OMB did not immediately respond to an ISMG inquiry about when HHS' detailed budget proposal would be released.
Proposed HHS Cuts
Where would Trump's proposed cuts to HHS be made? The preliminary budget shows that more than a third of the cuts would come from slashing $5.8 billion in funding for the National Institutes of Health. Those cuts will come from "consolidation and structural changes" across the organization and deep cuts in research activities, the document says.
Other HHS cuts include chopping "discretionary programs," including community services block grants and home energy assistance for low income people by about $4.2 billion, and eliminating $403 million in training programs for nurses and other health professions.
Of course, it should be noted that budget proposals from any president represent the spending priorities of the White House and are rarely approved by Congress as-is.
There's already strong opposition to many of Trump's budget proposals from Congressional members in both parties, including Democrats who are vilifying Trump's proposed cuts to domestic programs, such as Meals on Wheels, as well as from GOP leaders from rural states that could see programs - including Amtrak service - eliminated under the White House plan.
Sen. Lamar Alexander, R-Tenn., noted in a statement: "The president has suggested a budget, but, under the Constitution, Congress passes appropriations bills. As a member of the Senate Appropriations Committee, my priorities are national defense, national laboratories, the National Institutes of Health and national parks."
Alexander is former chairman of the Senate Health Committee, which pushed hard for the passage of the 21st Century Cures Act and was signed into law last December by former President Obama.
The Act calls for NIH to spend nearly $4.8 over 10 years, including: $1.8 billion for a "cancer moonshot" to speed research; $1.4 billion for President Obama's Precision Medicine Initiative to drive research into the genetic, lifestyle and environmental variations of disease; and $1.6 billion for the BRAIN Initiative to improve understanding of Alzheimer's and other diseases and speed diagnosis and treatment.
But Congress needs to authorize that funding each year. A line in Trump's blueprint budget notes that the 21st Century Cures Act "permitted funds to be appropriated each year for cer¬tain activities outside of the discretionary caps so long as the appropriations were specifically provided for the authorized purposes." Alexander's office declined to comment about how Trump's proposals could potentially impact NIH funding related to the Act.
ONC is also potentially affected by 21st Century Cures Act funding, because the legislation calls for ONC to work on health IT interoperability and data exchange.
ONC and OCR Funding
The Obama administration had sought budget increases for both ONC and OCR in recent years, but those requests were for the most part turned down by Congress. We'll have to see what recommendations the Trump administration makes for ONC and OCR funding once a detailed budget document is released in the coming weeks.
For several years, OCR had been seeking a bigger budget to help fund the HIPAA compliance audit program, which finally restarted last year after being delayed since a pilot program ended in 2012. Phase two of the compliance audit program is still continuing, with OCR analyzing findings of about 200 or so "remote" audits of covered entities and business associates. Last fall, OCR officials had said they had hoped to also begin a smaller number of on-site audits in the first quarter of 2017, but that's been put off for now. The big question is whether OCR will get the funding it needs to carry out the onsite audits and keep the entire audit program going.
HIPAA settlement money collected by OCR as a result of its enforcement activity is said to be helping the agency fund the current audit program. But that source of funding might soon diminish.
The HITECH Act, passed back in 2009, calls for OCR to share with individuals "harmed" by breaches the settlement payments and civil monetary penalties collected by the agency. But a rule to carry out that provision has yet to be drafted and remains on OCR's to-do list.
Healthcare fraud-busting apparently is targeted for a funding boost under the president's budget draft.
The budget proposal "strengthens the integrity and sustainability of Medicare and Medicaid by investing in activities to prevent fraud, waste, and abuse and promote high quality and efficient healthcare," the blueprint says.
HHS Secretary Tom Price, M.D., in a statement about Trump's proposal, says the budget "will help ensure we are delivering critical services to our fellow citizens in the most efficient and effective manner possible. Part of that support involves a robust commitment to preventing waste, fraud and abuse across the department, particularly within the Medicare and Medicaid programs."
But will protecting health data privacy and security be among HHS' priorities in the Trump administration?