Intelligence Unit
Special Reports
Special Events
Subscribe/Buy
Sponsored
Departments
- Leadership
- Finance
- Technology
- Physicians
- Community Hospitals
- Health Plans
- Marketing
- Quality
- Nursing
- HR
Follow Us
Sebelius Shifts HIPAA Security Rule Enforcement to Civil Rights Office
The secretary of HHS shifted enforcement of the HIPAA Security Rule from CMS to the Office for Civil Rights (OCR), according to an HHS announcement published Tuesday in the Federal Register.
Until now, OCR has enforced only the HIPAA Privacy Rule, which protects the privacy of patients' health information and the confidentiality provisions of the Patient Safety Rule, which protect PHI from being used to analyze patient safety events and improve patient safety.
The security rule–published in the Federal Register on February 20, 2003–specifies a series of administrative, technical, and physical security procedures for covered entities to assure the confidentiality of electronic protected health information (i.e., encryption standards).
"I think it's smart for HHS to merge the enforcement responsibilities," says Jeff Drummond, health law partner in the Dallas office of Jackson Walker LLP. "But I don't think this signals a watershed shift in enforcement strategy."
The announcement by HHS Secretary Kathleen Sebelius comes as Congress this year helped move a bill through that supports stronger enforcement of HIPAA laws and greater compliance duties from entities who handle PHI.
Be the first to make a comment
- Healthcare Continues Strong Job Growth
- Essential Health Benefits Bulletin Draws Fire
- 5010 Deadline Extended, But Threat Remains, Says AMA
- 2 Tactics for ICD-10 & VBP Clinical Documentation
- Keeping Readmission Rates Low with Treatment Guidelines
- What If Your Car Cared About Your Health?
- Engineering a High-Performance Emergency Department
- Top 10 Healthcare Quality Issues for 2011
- Hospital HCAHPS Scores Beat Expectations
- Don't Give Up on Dead Claims
