The Health and Human Services division that enforces HIPAA rules and regulations, the Office for Civil Rights, will get a new director once Leon Rodriguez leaves for his new post.
HHS Secretary Sylvia Mathews Burwell reportedly sent out an internal email to staff on the appointment of Jocelyn Samuels as OCR director, replacing Leon Rodriguez, according to a Gov Info Security report. Rodriguez was officially confirmed by the Senate to serve as director of the U.S. Citizenship and Immigration Services at the Department of Homeland Security June 24. President Barack Obama had announced Rodriguez's nomination back in December.
Jocelyn Samuels will come to OCR from the Department of Justice, where she held the role of acting assistant attorney general in the civil rights division and was responsible for enforcing federal law pertaining to discrimination based on race, sex, national origin and disability.
[Related: Fueling public HIE with business tools, standards.]
Prior to her appointment at DOJ, Samuels served in the role of vice president for education and employment at the National Women's Law Center. Before that, she worked as labor counsel to Sen. Edward Kennedy and as senior policy attorney at the Equal Employment Opportunity Commission. She received her law degree from Columbia University.
An OCR spokesperson declined to comment on when Samuels is slated to assume the post.
Samuels will be overseeing HIPAA compliance and the official audit program slated to kick off this year.
"We're hopeful that our audits will begin, hopefully the end of this year, early next year," Iliana Peters, OCR senior advisor for HIPAA compliance and enforcement said this June at the HIMSS and Healthcare IT News Privacy and Security Forum. OCR expects to begin with covered entities and follow with business associates likely next year, she said.
These audits will include both desk audits, which officials anticipate will number between 150 and 200, and 50 on-site audits. "That number is a bit in flux," she added, depending on the financial resources given to the division.
To date, OCR has levied $26 million in HIPAA settlements against entities found to have violated HIPAA privacy, security and breach notification rules.
Just this June, the six-hospital Parkview Health System in Fort Wayne, Ind., agreed to settle to the tune of $800,000 over an incident that involved dumping medical records unattended in a physician's driveway.
See also:
Will true EHR interoperability ever really happen?
