skip to content
Another Retroactive (But Important) Policy Change

Another Retroactive (But Important) Policy Change


Legal HIMformation
(August 2009)

The Secretary of Health and Human Services, Kathleen Sebelius, released a statement today (August 3) that will be published in the Federal Register tomorrow (August 4) that transfers the responsibility for investigation and enforcement of HIPAA Security Rule violations from the Centers for Medicare and Medicaid Services Office of E-Standards and Services to the Office of Civil Rights of the Department of Health and Human Services, which has responsibility for investigation and enforcement of HIPAA Privacy Rule violations, as well as for all of the new privacy and security regulations governing electronic health records passed as a part of HITECH.  It makes sense to us that all of these functions are coordinated in one location.  What is interesting about this notice is that it is effective July 27, 2009 (last Monday).  Why wait so long to let folks know?

You can see it for yourself at http://www.federalregister.gov/OFRUpload/OFRData/2009-18561_PI.pdf, complete with all of the regulatory mumbo jumbo.

Associated Industries
DISCLAIMER

Each of our lawyer's e-mail address is provided with his or her biography. If you are not a current client of our firm, you should not e-mail our lawyers with any confidential information or any information about a specific legal matter, given that our firm may presently represent persons or companies who have interests that are adverse to you. If you are not a current client and you e-mail any lawyer in our firm, you do so without any expectation of confidentiality. We will not establish a professional relationship with you via e-mail. Instead, you should contact our firm by telephone so that we can determine whether we are in a position to consult with you about any legal matters before you share any confidential or sensitive information with us.