Since being named the Trump Administration’s new director of the Department of Health and Human Services’ Office for Civil Rights, Roger Severino has been hard at work to make a splash in the healthcare world. Recently he spoke at the 10th annual “Safeguarding Health Information” HIPAA conference, jointly hosted by OCR and the National Institute of Standards and Technology, where he expressed his desire to balance education and law enforcement, stating: “I really want to make sure people come into compliance without us having to enforce. I want to underscore that.” Here are three changes the HHS/OCR Director has planned:
Given his role as the new director of the Department of Health and Human Services’ Office for Civil Rights, it is no surprise that patient privacy and protection are getting a lot of attention. In his presentation at the HIPAA conference, he stated that his top enforcement priority for the coming year is to find a “big, juicy, egregious” breach case to use as an example from which others can learn.
2. Evolving Approaches
Although he has made no decisions on whether he will focus on ransomware, cybersecurity or physical security, he does acknowledge that the complexity of the threats is evolving and that, as a result, the focus needs to shift to evolving the approaches by which risks are addressed.
3. Wall of Shame
Changes will also be made to the online breach reporting tool, commonly known as the Wall of Shame, which lists major health data breaches impacting 500 or more individuals. He notes that, through feedback, he found that because breaches were listed in alphabetical order, breaches that were resolved years ago would appear at the top of the list, making it seem as though they were an ongoing problem. Moving forward, breaches reported over two years ago will be publicly archived.
As it stands, HHS/OCR receives more than 20,000 complaints a year. Ultimately, Mr. Severino says, he’d like to see those complaints go down so that throughout the country a culture of compliance can be achieved with as little burden as possible.
With so many rules and regulations in place, staying compliant can seem difficult. Of course, with the right tools and processes in place, you can significantly decrease the effort it takes. Read our blog, 5Ws and a How, to learn how you can build a winning strategy to avoid costly OIG and OCR fines.