New OCR Chief Pledges to Fight Breaches

It’s no secret that the number of large-scale health care data breaches has been on the rise in recent years, often dominating headlines and causing concern in the health care community. The Office of Civil Rights (OCR) at the Department of Health and Human Services (HHS) plays an important role in combating and responding to incidents like this, and the agency’s new head, Roger Severino, has promised that he is committed to doing his part. As Healthcare IT News first reported, during a Thursday session at Health Datapalooza in Washington, Severino reiterated that he would work hard to fight breaches, and to provide support to organizations seeking to prevent them. “I came into this job with an enforcement mindset,” he told audience members. “Congress established OCR to adapt to new technology—and to protect it.”

Severino, who previously worked on “religious liberty” issues at the Heritage Foundation and as an attorney for the Department of Justice’s Civil Rights Division, also spoke of the importance of working toward interoperability during his session: “We want to make health IT work for physicians, promote interoperability, and safeguard data from falling into the wrong hands.” He further emphasized to audience members that their feedback was always welcome in the effort to address and prevent breaches, and urged organizations to make patient privacy a priority, reminding the audience of the penalties for breaches under the HITECH Act. Finally, he noted that his office would be working to provide guidance to organizations seeking to enhance data security; along with further guidelines on what does and doesn’t count as a covered entity, OCR will be seeking to clarify how “new and emerging technologies and apps can actually work within the rules to share information and provide information to consumers, while protecting patients and privacy.”

Notably, Severino’s brief tenure at OCR has not been without controversy. He faced questions about his socially conservative track record on a number of issues from groups like ProPublica and the Human Rights Campaign, as well as from Democrats in Congress. He also criticized the actions of OCR, which has a broad range of responsibilities relating to “protect[ing] people from unlawful discrimination,” during the Obama Administration. Regardless of his views on social issues, however, Severino appears to be seeking to prioritize patient protection from data breaches—an issue that both parties can always agree is important. As he noted in an earlier statement announcing the recent $2.5 million settlement between OCR and the company CardioNet after a large-scale breach, “Disregard for security can result in a serious breach, which affects each individual whose information is left unprotected.”

Click here for the article from Healthcare IT News on the new OCR chief committing to fight data breaches.

Click here for the press release from HHS on the recent settlement with CardioNet. 


Leave a Reply