Report: HHS fails to address electronic health record privacy protections

Share this content:
While the Department of Health and Human Services has taken positive actions to implement electronic health records, it still does not have a system for addressing issues of privacy protection, according to a new report from the Government Accountability Office.

HHS implemented several measures to address these concerns following the release of a January 2007 GAO report on the lack of privacy safeguards in electronic health records. HHS fully implemented a GAO recommendation to "identif[y] milestones and the entity responsible for integrating the outcomes of its privacy-related initiatives," but it fell short on implementing two other recommendations, according to a new report released last Wednesday.
 
Meanwhile, recently proposed electronic health record legislation, such as the bill introduced last Monday by Representative Pete Stark (D-CA) (McKnight's, 9/17), raises the ire of some groups for its lack of privacy provisions. The group America's Health Insurance Plans claims the Stark legislation does not extend federal privacy rules to all providers.