The Department of Health and Human Services announced on August 1 that it has shifted responsibility of the Health Insurance Portability and Accountability Act of 1996 Security Rules to the Office for Civil Rights. This includes monitoring and enforcement of HIPAA email security rules designed to protect patients’ right to privacy.
Previously, the Centers for Medicare & Medicad Services had oversight of medical email privacy cases revolving around HIPAA Security Rules. HHS Secretary Kathleen Sebelius said in a release announcing the move that shifting responsibilities would eliminate duplication of efforts and increase the efficiency in managing patient security and personal rights protection.
“Security and privacy of health information are increasingly intersecting as the department works with the health industry to adopt electronic health records and participate in an even greater level of electronic exchange of health information,” said Secretary Sebelius. “Privacy and security are naturally intertwined, because they both address protected health information. Combining the enforcement authority in one agency within HHS will facilitate improvements by eliminating duplication and increasing efficiency.”