HHS expands focus on cybersecurity

By Diana Manos
10:40 AM

The Department of Health and Human Services (HHS) is taking action to beef up healthcare IT cybersecurity by appointing a new chief privacy officer and offering a new contract to study cybersecurity.

Last week, the HHS Office of the National Coordinator for Health Information Technology (ONC) named Joy Pritts, an attorney and Georgetown University professor, to be the first ONC chief privacy officer. The position of an ONC chief privacy officer was mandated under the American Recovery and Reinvestment Act.
 

The Department of Health and Human Services (HHS) is taking action to beef up healthcare IT cybersecurity by appointing a new chief privacy officer and offering a new contract to study cybersecurity.

Last week, the HHS Office of the National Coordinator for Health Information Technology (ONC) named Joy Pritts, an attorney and Georgetown University professor, to be the first ONC chief privacy officer. The position of an ONC chief privacy officer was mandated under the American Recovery and Reinvestment Act.

According to Georgetown University's Health Policy Institute, Pritts conducted research for the university with a primary focus on medical information privacy, including individuals' access to their own medical data.

In addition to naming Pritts as chief privacy officer, HHS has announced it will offer a new contract to focus on ways to reduce risk in HIT. The lessons learned from the contract will create the foundation for policy development, according to HHS officials.

HHS is only offering the opportunity to companies that already have a 2009 HHS program support center task order. However, HHS officials said companies outside of the program may qualify to participate as subcontractors.

President Obama has identified cybersecurity as a top strategic priority. A May 2009 White House report identified 10 short-term top priorities for cybersecurity, including strategic planning, interagency cybersecurity policy cooperation, increasing public awareness, incident response, research and development, and identity management.

The new HHS contract will address these priorities in their relationship to HIT, according to HHS officials.