GAO: Tighter HIPAA Safeguards Needed at HHS
The Government Accountability Office (GAO) released a report this month that says the Department of Health and Human Services (HHS), the enforcer of HIPAA privacy and security rules, has safeguards that do not always protect sensitive information it shares with contractors.
The report—Contractor Integrity: Stronger Safeguards Needed for Contractor Access to Sensitive Information, released this month—cites patient health and medical information as one of the examples of "sensitive information."
GAO's report assesses the:
- Extent to which government guidance and contracts contain safeguards for contractor access to sensitive information
- Adequacy of government-wide guidance on how agencies are to safeguard sensitive information to which contractors may have access
The report also reviews practices of the Department of Defense (DOD) and Department of Homeland Security (DHS).
It found that DOD's and HHS' guidance do not always protect "all relevant types of sensitive information contractors may access during contract performance," according to a one-pager of report highlights released by the GAO.
"GAO's analysis of guidance and contract actions at three agencies found areas where sensitive information is not fully safeguarded and thus may remain at risk of unauthorized disclosure or misuse."
- In Lakeport, CA, a Population Health Laboratory is Born
- Nurse Ethics Comes to a Head at Guantanamo Bay
- Transforming Decision Support and Reporting
- CMS Mulls Income-Adjusting MA Stars
- Providers' Push to Consolidate Roils Payers
- Providers Prep for New Payment Models as Population Health Grows
- As Retail Clinics Surge, Quality Metrics MIA
- Insurers' listings of in-network doctors often out of date
- Slideshow: Healthcare Executives Eye Efficiency
- How to navigate big data in healthcare