HealthBlawg

David Harlow's Health Care Law Blog

    • Twitter
    • Facebook
    • Google+
    • LinkedIn
    • RSS
    • Email
  • About
  • Archives
  • Podcast
  • Press
  • Awards/Reviews
  • HIPAA
  • HCSM

GAO says HHS is on the road to a coordinated privacy policy, but not there yet

February 2, 2007

GAO testimony before a Senate subcommittee yesterday provides a concise overview of the past few years’ developments in the realms of privacy and interoperability as they relate to HIT — both in terms of regulations and the superstructure necessary to implement them.

HHS believes that it is further down the road to developing an integrated approach to ensuring the protection of privacy of patient information than does GAO. 

It has certainly cooked up another big batch of alphabet soup — ONCHIT, NHIN, NCVHS, etc.  But per the GAO,

HHS is in the early stages of its efforts and has therefore not yet defined an overall approach for integrating its various privacy-related initiatives and addressing key privacy principles, nor has it defined milestones for integrating the results of these activities. GAO identified key challenges associated with protecting electronic personal health information in four areas (see table).

Update 2/5/07:  All of the testimony from the hearing is up on the subcommittee’s website.  Pay special attention to Mark Rothstein’s statement.  He chairs the privacy and confidentiality subcommittee of the National Committee on Vital and Health Statistics (NCVHS), and is rightfully steamed over HHS’s sitting on his recommendations for six months.  He began:

In my testimony today, I want to make only two points. First, HHS has made very little meaningful progress in developing and implementing measures to protect the privacy of health information in electronic health networks. Second, time is of the essence. HHS must begin to act immediately on the key privacy issues, and Congress needs to hold HHS accountable.

Here’s hoping that the regulatory structure can catch up with the realities of the marketplace.

— David Harlow

Filed Under: Ehealth, EHR, Health care policy, Health Law, HIPAA, HIT, Privacy

you might also like:

  1. GAO on NHIN: plans, milestones, metrics needed to keep on track

  2. HIPAA faces the music: New OCR Guidance on the HIPAA Privacy Rule and the Electronic Exchange of Health Information

  3. Where does HIPAA go? Wherever it wants.

« Value-driven health care: Premier HQID demonstration yields improved performance, HSAs may as well — but there's a limit to these things
Reminder: Health Wonk Review #25 in this space soon »

Follow me on Twitter

Tweets by healthblawg

HIPAAtools

The HIPAA Compliance Toolkit

The HIPAA Compliance Toolkit

The Walking Gallery

The Walking Gallery

Quick Links

  • Home
  • Categories
  • Archives
  • Podcast Interviews
  • HIPAAtools
  • HIPAA Services
  • Health Care Social Media Consulting Services
  • Speaking
  • In the Press
  • Blogroll

David Harlow

David Harlow

Health Care Law and Consulting Services

HealthcareNOW Radio

Connect with David

  • Twitter
  • Facebook
  • Google+
  • LinkedIn
  • RSS
  • Email
  • Subscribe
  • Contact
  • Book Me: Speaking
  • About
  • The Harlow Group LLC
Copyright © 2006–2019
HealthBlawg is a publication of The Harlow Group LLC. See Copyright notice and disclaimer.
Fair use with attribution and a link is encouraged. Click for more on David Harlow.