Health Information Management

GAO says HHS still has work to do in ensuring health IT privacy

HIPAA Weekly Advisor, September 29, 2008

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

The Government Accountability Office (GAO) on September 17 released a report on HHS’ work to ensure health information technology (IT) privacy, according to the GAO Web site.  
 
The GAO report serves as a follow-up to the January 2007 recommendations it made to HHS. At that time, the GAO urged HHS to define and implement an overall privacy approach for the protection and electronic storage and exchange of PHI, according to its Web site.
 
According to the report, HHS has already taken the following steps:
  • Identified milestones and assigned responsibility for integrating privacy initiative outcomes
  • Ensured critical privacy principles are fully addressed
  • Addressed the challenges of a nationwide health information exchange
However, HHS has fallen short in some areas. For example, it “doesn’t include a defined process for assessing and prioritizing the many privacy-related initiatives to ensure that key privacy principles and challenges will be fully and adequately addressed,” according to the Web site.
 
The report includes a recommendation that the secretary of HHS direct the National Coordinator for Health IT to include a process for assessing and prioritizing privacy initiatives and the needs of stakeholders in its overall privacy approach.
 
To read the report, click here.



Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

Comments

0 comments on “GAO says HHS still has work to do in ensuring health IT privacy

 

Most Popular

Related Articles