As amateur investigators in the show Only Murders in the Building, Steve Martin, Martin Short, and Selena Gomez follow-up on suspicious deaths in their building when the police investigation falls short. This is weirdly what is happening in the health care world — sort of — when the U.S. Government Accounting Office (GAO) followed-up recently on investigations by HHS on health care IT-related crimes (otherwise known as HIPAA data breaches). Basically, when electronic medical records are hacked or inappropriately shared with someone who shouldn’t get to see them, the Office of Civil Rights (OCR) at HHS (which is tasked with enforcement of HIPAA privacy and security rules) must investigate reports of the data breaches. This is not a small problem — in 2021, there were 714 health data breaches, each of which affected 500+ people (one breach incident involved 3.5 million records, and back in 2015 the big one was 115 million). In its latest report, the GAO suggested that maybe the HHS OCR should improve its investigations by getting feedback on the breach reporting process. Unlike the police in the Steve Martin show, OCR agreed — saying that it will add language and contact information to the HHS Breach Portal to invite feedback. If Steve Martin wrote the feedback, we bet it would be funny.
July 1, 2022 | 3 min read
July 1, 2022
Only What Matters in Health Information Policy
COMING SUMMER 2023
MyMaverick is a subscription service that provides access to analysis and news across the health technology policy landscape.Sign Up Now
Speaking Engagements & Custom Services
Maverick offers a range of flexible services tailored to each client’s needs.View Services