HIPAA Blog

[ Tuesday, February 28, 2023 ]

 

 HHS is committed to reduce the backlog of HIPAA investigations.  Complaints to OCR are now over 50,000 a year (2/3 of which are HIPAA-related), and OCR just isn't designed to meet that level of demand.  So HHS s going to reorganize OCR, with specific divisions addressing policy, strategic planning, and enforcement.  I don't think that's particularly useful.

Seems to me like OCR should be split into civil rights (discrimination and the like) and HIPAA/health data privacy and security.  The HIPAA side should also be split, with policy, planning, and guidance on one side, and breach/complaint on another branch, and enforcement as a third division.  The breach/complaint side should also be split into breach issues and non-breach issues (such as access).

At least that's how I'd do it.


Jeff [10:26 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template