Government watchdog: HHS needs work on protecting personal data
HIPAA Weekly Advisor, September 27, 2010
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
The Department of Health and Human Services (HHS), the enforcer of the HIPAA privacy and security rules, has safeguards that do not always protect sensitive information it shares with contractors, according to a Government Accountability Office (GAO) released a report this month.
The report — “Contractor Integrity: Stronger Safeguards Needed for Contractor Access to Sensitive Information” — cites patient health and medical information as one of the examples of “sensitive information.”
GAO’s report assesses the:
- Extent to which government guidance and contracts contain safeguards for contractor access to sensitive information
- Adequacy of government-wide guidance on how agencies are to safeguard sensitive information to which contractors may have access
The report also reviews practices of the Department of Defense (DOD) and Department of Homeland Security (DHS). It found that DOD’s and HHS’ guidance do not always protect “all relevant types of sensitive information contractors may access during contract performance,” according to a one-pager of report highlights released by the GAO.
Read more on HIPAA Update.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Identify potential Medicaid RAC target areas
- Topic: CMS, OESS post new security compliance review information, checklist
- HIPAA Q&A: Level of encryption needed for email
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- OB services: Coding inside and outside of the package
- QA:Coding multiple initial infusions
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched