GAO: Tighter HIPAA Safeguards Needed at HHS
The federal agencies operate under the Federal Acquisition Regulation (FAR), which governs federal agencies in the process of acquiring goods and services—in this case, hiring contractors who handle sensitive information.
The GAO recommends additional safeguards to FAR, including:
- Address the use of nondisclosure agreements with contractors
- Prompt notification of unauthorized disclosure or misuse of sensitive information
DHS agreed with the recommendations, the GAO said, but DOD and HHS did not respond.
HHS did not immediately answer an e-mail from HealthLeaders Media Monday.
Senator Tom Carper (D-Del.), chairman of the U.S. Senate Subcommittee on Federal Financial Management, Government Information, Federal Services and International Security, said in a statement that "there have been an unacceptably high number of data breaches that have left individuals, at times, the victim of serious financial crime or, more often, fearful that their personal information will be compromised."
- Providers' Push to Consolidate Roils Payers
- As Retail Clinics Surge, Quality Metrics MIA
- Former NQF Co-Chair Linked to Conflicts of Interest in Journal Probe
- 6 Not-So-Good Reasons for Avoiding Population Health
- Medicare Cost, Quality Data Tools Weak, Says GAO
- No Employee Satisfaction, No Patient-Centered Culture
- RN Named Chief Patient Experience Officer
- Population Health Pays Off for NY Collaborative
- In PCMH, the 'P' is Not for 'Physician'
- How Simple Data Analytics is Driving Physician Incentives