Health Information Management

Sebelius shifts HIPAA security rule enforcement to Civil Rights Office

HIM-HIPAA Insider, August 11, 2009

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

The secretary of HHS shifted enforcement of the HIPAA security rule from CMS to the Office for Civil Rights (OCR), according to an HHS announcement published August 4 in the Federal Register.

Until now, OCR has enforced only the HIPAA privacy rule, which protects the privacy of patients' health information and the confidentiality provisions of the patient safety rule, which guards protected health information (PHI) from being used to analyze patient safety events and improve patient safety.

The security rule–published in the Federal Register February 20, 2003–specifies a series of administrative, technical, and physical security procedures for covered entities to assure the confidentiality of electronic PHI (e.g., encryption standards).

Click here to read more.



Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

Most Popular