Secretary Delegates HIPAA Security Rule to OCR
On August 4, 2009, the Department of Health and Human Services (HHS) published a notice delegating to the Director of the Office for Civil Rights (OCR) the authority to administer and enforce the HIPAA Security Rule, functions which previously had been delegated to CMS. HHS expects that combining the authority for administration and enforcement of the federal HIPAA standards for health information privacy and security under OCR will eliminate duplication and increase efficiencies in how HHS protects health information.
