HIPAA Regulatory Alert: HIPAA security enforcement now under HHS OCR
HIPAA Regulatory Alert
HIPAA security enforcement now under HHS OCR
The U.S. Department of Health and Human Services (HHS) is shifting enforcement authority of the HIPAA security rule from the Centers for Medicare & Medicaid Services (CMS) to the HHS Office of Civil Rights. Since 2003, the Office of Civil Rights has overseen enforcement of the HIPAA privacy rule, which protects the confidentiality of patients' health information.
The security rule specifies administrative and technical procedures for safeguarding electronic protected health information. "Privacy and security are naturally intertwined, because they both address protected health information," said HHS Secretary Kathleen Sebelius in a prepared statement. "Combining the enforcement authority in one agency within HHS will facilitate improvements by eliminating duplication and increasing efficiency."
The change, which took effect July 27, authorized the HHS Office of Civil Rights to impose civil penalties for HIPAA security violations, issue subpoenas related to such investigations, and determine if federal standards preempt related state laws.
The U.S. Department of Health and Human Services (HHS) is shifting enforcement authority of the HIPAA security rule from the Centers for Medicare & Medicaid Services (CMS) to the HHS Office of Civil Rights. Since 2003, the Office of Civil Rights has overseen enforcement of the HIPAA privacy rule, which protects the confidentiality of patients' health information.Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.