GAO: Tighter HIPAA Safeguards Needed at HHS
The Government Accountability Office (GAO) released a report this month that says the Department of Health and Human Services (HHS), the enforcer of HIPAA privacy and security rules, has safeguards that do not always protect sensitive information it shares with contractors.
The report—Contractor Integrity: Stronger Safeguards Needed for Contractor Access to Sensitive Information, released this month—cites patient health and medical information as one of the examples of "sensitive information."
GAO's report assesses the:
- Extent to which government guidance and contracts contain safeguards for contractor access to sensitive information
- Adequacy of government-wide guidance on how agencies are to safeguard sensitive information to which contractors may have access
The report also reviews practices of the Department of Defense (DOD) and Department of Homeland Security (DHS).
It found that DOD's and HHS' guidance do not always protect "all relevant types of sensitive information contractors may access during contract performance," according to a one-pager of report highlights released by the GAO.
"GAO's analysis of guidance and contract actions at three agencies found areas where sensitive information is not fully safeguarded and thus may remain at risk of unauthorized disclosure or misuse."
- CEO Exchange: Preparing for Population Health
- Advocate, NorthShore Deal Would Create 16-Hospital System
- Better HCAHPS Scores Protect Revenue
- Narrow Networks Cut Costs, Not Quality, Economists Say
- 3 Strategies for Retaining Millennial Employees
- Power of price: In South FL and the nation, healthcare costs often are shrouded in secrecy
- Two NY hospitals to offer free hip and knee replacement surgeries for qualifying patients in December
- Hospital mergers may lead to higher prices
- Healthcare data of 1 million NJ patients compromised since 2009
- CEO Exchange: Pressure is On to Partner, Drive Quality