83%(6)5 out of 6 people found this document helpful
This preview shows page 1 - 4 out of 279 pages.
1AC SolvencyDHHS is adequately ensuring private sector compliance with health privacy protection laws nowCharles Ornstein(senior reporter for ProPublica covering health care and the pharmaceutical industry) March 20, 2015“Despite A Wave Of Data Breaches, Fed Says Patient Privacy Isn't Dead” -fed-says-patient-privacy-isn-t-deadThe task of investigating medical data breaches falls to the Office for Civil Rights, a small agency within the Department of Health and Human Services. Last month, ProPublica and NPR reported how, as the number of breaches has increased, the office infrequently uses its authority to fine organizations and health providers that fail to safeguard patient records. The office's director, Jocelyn Samuels, spoke Monday to health privacy and security experts gathered in Washington, D.C., for the National HIPAA Summit, named for the Health Insurance Portability and Accountability Act. After her talk, Samuels sat down with ProPublica to talk about the current state of health privacy. The conversation has been edited for length and clarity. Highlights are below; a fuller version is available on ProPublica's website. To start off with, the Anthem breach is still at the top of mind for so many people. Does this change the landscape in terms of health data breaches? We won't know until after we have investigated what the causes of the Anthem breach are or were, or whether there are concerns about HIPAA compliance. But I think that it illustrates both the increasing risks that exist in the cybersecurity space and the need for covered entities [health providers and others subject to HIPAA's requirements] to continue to update and evaluate their risk analyses to ensure that their risk management plans adequately anticipate all of the kinds of threats they may face. Since HIPAA was passed in 1996, how would you say the state of play has changed with respect to patient privacy and the security of records? The ability to access electronic health records is something that we obviously have clarified and expanded over time since HIPAA was enacted. And I anticipate that we will continue to evaluate the application of HIPAA standards to emerging issues, whether they are posed by new technology or new forms of risk that aren't being adequately addressed. From a macro perspective, we are seeing an explosion of new approaches to delivering health care, to treating patients, to sharing information. And that changes on an exceptionally rapid basis, and so ensuring that we are providing adequate guidance about how HIPAA applies and whatthe standards are in these new environments is something that's a high priority. Somepeople have suggested that the notion of patient privacy is sort of outmoded and that you really don't have privacy anymore. Do you accept that? No. I think that you are talking about some of the most intimate facts