The Office of Inspector General, U.S. Department of Health and Human Services issued a report urging enhanced oversight of compliance with the HIPAA privacy standards.
Covered entities under HIPAA that do not properly safeguard protected health information could expose people to identity theft, fraud and other harm. The HIPAA privacy rule provides standards for protecting PHI. After reviewing HIPAA incidents, the Inspector General determined that OCR should take the following actions: