Printer Friendly, PDF & Email

Meet R. Brett Short

This interview with R. Brett Short ( was conducted in May by Adam Turteltaub (, Vice President of Strategic Initiatives & International Programs, Society of Corporate Compliance and Ethics & Health Care Compliance Association.

AT: How did you first get into the world of Compliance?

RS: It kinda just happened and followed me my whole career — providence perhaps. One of my first jobs out of college was recreating patient accounts that were erased by someone who deleted them and took some money. Another was a practice where the providers were divorcing, and I was tasked with figuring out who took what and unlocking the security installed by a rogue employee. I had a lot of forensics experience, without asking for it, in my first few years out of college. This became the theme with each job I took, trying to get to the bottom of what really happened by doing investigations. Officially, I got into Compliance like a lot folks did, “volun-told.”

Prior to joining the University of Kentucky (UK), I was a consultant, and we were talking a lot about HIPAA in the early days. When I arrived at UK, I began to ask a lot of questions like, “What are we doing about HIPAA?” and “Who’s on point?” I guess I asked too many questions. I met the group that was addressing it, and they did some phenomenal work prior to my arrival. I became Privacy Officer a few weeks before the effective date. It was like jumping into a race car after the race had started. It was a wild ride.

AT: Privacy was still a relatively new area back in 1998. What was the state of Privacy back then?

RS: I was doing EMR [electronic medical record] implementation back in the early days of that industry, and we were talking a lot about impact to the delivery of care in different settings like the hospital and clinics. When I arrived in academic medicine, we simply couldn’t reconcile the early expectations with current practice. College athletics, student dental clinics are mostly open-operatory model, and they presented some real questions with the initial guidelines. Luckily for many of us, the comment period yielded some good results and workable solutions to patient privacy.

This document is only available to members. Please log in or become a member.