What Does It Take to Run OCR?

As the HHS Office for Civil Rights and the HIPAA-regulated community continue waiting for the appointment by HHS of a permanent OCR director,[1] two former leaders shared with RPP some of their on-the-job experiences and offered advice for an incoming leader.

OCR has a dual role of enforcing the privacy, security and breach notification rules as well as ensuring civil rights laws are not violated in health care settings. If history is any guide, the new director will likely come from a civil rights background, and may have little or no actual experience with HIPAA issues. That was the case with Roger Severino, the most recent director, who was appointed in March 2017.

While in the Civil Rights Division in the Department of Justice, “I had to do a compliance records request subpoena in a case with medical records…I did actually take advantage of one of the HIPAA exceptions in the subpoena context,” Severino said. “It was incredibly sensitive medical information, and I was glad those protections were in place, because if that sort of information gets abused, people would be less likely to seek medical care.”

This document is only available to subscribers. Please log in or purchase access.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field