GAO: Tighter HIPAA Safeguards Needed at HHS
The Government Accountability Office (GAO) released a report this month that says the Department of Health and Human Services (HHS), the enforcer of HIPAA privacy and security rules, has safeguards that do not always protect sensitive information it shares with contractors.
The report—Contractor Integrity: Stronger Safeguards Needed for Contractor Access to Sensitive Information, released this month—cites patient health and medical information as one of the examples of "sensitive information."
GAO's report assesses the:
- Extent to which government guidance and contracts contain safeguards for contractor access to sensitive information
- Adequacy of government-wide guidance on how agencies are to safeguard sensitive information to which contractors may have access
The report also reviews practices of the Department of Defense (DOD) and Department of Homeland Security (DHS).
It found that DOD's and HHS' guidance do not always protect "all relevant types of sensitive information contractors may access during contract performance," according to a one-pager of report highlights released by the GAO.
"GAO's analysis of guidance and contract actions at three agencies found areas where sensitive information is not fully safeguarded and thus may remain at risk of unauthorized disclosure or misuse."
- FDA hopes hospitals will switch to newly regulated pharmacies
- CMS Sets 2014 Pay Rates for Hospital Outpatient and Physician Services
- New G-Codes to Pay Doctors for Broad Array of Non-Face-to-Face Care
- States Rejecting Medicaid Expansion Forgo Billions in Federal Funds
- Why You Should Involve Patients in Nursing Handoffs
- Not-for-Profit Hospitals Find Opportunity Amid Uncertainty
- The Most Polarizing Topics in Healthcare IT
- Substance Abuse Resurfaces Among Anesthesiologists in Training
- Safety Net Executives Renew Call to Preserve DSH Payments
- The 5 Biggest Healthcare Finance Trouble Spots