Bulletin: August 5, 2009
Secretary Delegates HIPAA Security Rule to OCR
On August 3, 2009 the Office of Civil Rights (OCR) announced that the Secretary of Health and Human Services has delegated to the Director of OCR the authority to administer and enforce the HIPAA Security Rule.
The transition of authority for the administration and enforcement of the Security Rule is expected to be seamless with no interruption in the management or processing of any complaints filed prior to the transition. Consumers may continue to submit HIPAA security complaints using the on-line resource – the Administrative Simplification Enforcement Tool (ASET), found at https:htct.hhs.gov/aset. New security complaints may also be sent to the Office for Civil Rights. The transition of security complaints from CMS to OCR has no impact on how complaints about Transactions and Codes Sets or Unique Identifiers are filed or processed. CMS retains its enforcement authority for these other HIPAA rules.
View the Federal Register notice of the Delegation of Authority at http://www.hhs.gov/ocr/privacy/srdelegationofauthority2009.pdf and the Secretary’s press release at http://www.hhs.gov/news/press/2009pres/08/20090803a.html.