A collection of agencies regulate and govern the technological side of healthcare in the U.S. The Department of Health and Human Services Office for Civil Rights (OCR) is in charge of HIPAA enforcement, by auditing healthcare providers and their business associates and handing out fines for noncompliance. The Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health IT (ONC) both play roles as healthcare compliance resources and regulators of the meaningful use program.
CMS is in a position to reduce the Medicare reimbursement payments of meaningful use participants that fail to meet the criteria and OCR has started to audit covered entities and business associates for HIPAA compliance.
The Food and Drug Administration (FDA) also has a place in managing health IT. The FDA evaluates medical devices and classifies them by the level of risk they could present to users.