GAO: Tighter HIPAA Safeguards Needed at HHS
The Government Accountability Office (GAO) released a report this month that says the Department of Health and Human Services (HHS), the enforcer of HIPAA privacy and security rules, has safeguards that do not always protect sensitive information it shares with contractors.
The report—Contractor Integrity: Stronger Safeguards Needed for Contractor Access to Sensitive Information, released this month—cites patient health and medical information as one of the examples of "sensitive information."
GAO's report assesses the:
- Extent to which government guidance and contracts contain safeguards for contractor access to sensitive information
- Adequacy of government-wide guidance on how agencies are to safeguard sensitive information to which contractors may have access
The report also reviews practices of the Department of Defense (DOD) and Department of Homeland Security (DHS).
It found that DOD's and HHS' guidance do not always protect "all relevant types of sensitive information contractors may access during contract performance," according to a one-pager of report highlights released by the GAO.
"GAO's analysis of guidance and contract actions at three agencies found areas where sensitive information is not fully safeguarded and thus may remain at risk of unauthorized disclosure or misuse."
- 12 Hires to Keep Your Hospital Out of Trouble
- 'Mega Boards' Could be Rural Healthcare Disruptor
- Meaningful Use Payment Adjustments Begin
- 1 in 5 Eligible Hospitals Penalized for HACs
- Ratcheting Up Patient Experience Has a Downside
- HL20: Lee Aase—Who's Behind @MayoClinic
- No Boost to NFP Hospital Bond Ratings from Medicaid Expansion
- HL20: Peter Semczuk, DDS, MPH—Taking on the Big Challenges
- Top 3 Nursing Lessons of 2014
- HL20: Rebecca Katz—Cooking Up Sustainable Nourishment