CDT published an article in iHealthBeat yesterday, calling on the U.S. Dept. of Health and Human Services (HHS) to take charge on privacy issues. In the iHealthBeat article, CDT points out that HHS should take full advantage of the opportunities before it to establish strong rules in favor of privacy and meaningful enforcement. CDT also urges HHS to enhance communication and coordination on privacy issues within its subagencies and other federal agencies.
The American Recovery and Re-investment Act of 2009 (ARRA) makes a significant taxpayer investment in health information technology (health IT). A new generation of improved privacy protection is critical to preserve patient trust in a system of digitized health records. In ARRA, Congress provides HHS with numerous opportunities to strengthen privacy in health care, such as through rulemakings and staff appointments.
There is some evidence of improvement in both the coordination and regulation areas. For example, the HIPAA Privacy and Security Rules were previously enforced by two different offices within HHS, but both are now enforced through the Office of Civil Rights (OCR). HHS should grab this opportunity to ensure better compliance and enforcement with the Privacy and Security Rules. To do so, OCR will have to coordinate closely with the HHS Office of the National Coordinator (ONC), which oversees the national strategy for the electronic health information exchange.
Read more »