HHS Office for Civil Rights Director Roger Severino Leads Discussion on Health Care Regulation and Cybersecurity at Wiley Rein LLP
March 28, 2018
Wiley Rein LLP hosted a roundtable today, “Outlook on Cyber: Health Care Regulation and Cybersecurity,” featuring Roger Severino, Director of the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR), along with Timothy Noonan, Acting Deputy Director for Health Privacy at OCR, and Kathryn Marchesini, Chief Privacy Officer at the Office of the National Coordinator for Health Information Technology.
The discussion, held at Wiley Rein’s offices, was moderated by Megan L. Brown, a partner in Wiley Rein’s Telecom, Media & Technology (TMT) and Privacy & Cybersecurity practices. It was designed to encourage government officials and health care professionals to share ideas and collaborate on cybersecurity and privacy challenges. The government guests highlighted future regulatory action and public engagement.
During the event, panelists touched on a variety of topics, including the types of enforcement cases OCR is most likely to pursue; interoperability challenges; initiatives to remove the government as a barrier between physicians and patients; efforts to clarify and reform the Health Insurance Portability and Accountability Act (HIPAA) in light of the opioid crisis and recent school violence; use of open application program interfaces for app developers; and potential compensation for victims of data breaches. Participants touched on the importance of remembering that companies suffering a data breach are themselves victims of crimes, as the FBI Director recently noted. Given the cyber challenges facing the private sector, partnership and collaboration are vital.
To keep up-to-date with the latest cybersecurity tips and threats, the panelists recommended subscribing to the OCR Cyber Newsletter, and advised attendees to consult the Cyber-Attack Quick Response infographic for a succinct overview of responding to and reporting cyber-related security incidents. The National Institute of Standards and Technology (NIST) has resources available as well. Additionally, the panelists encouraged application developers to visit OCR’s health app developer portal, which allows developers to engage with OCR on privacy and security issues in mHealth design and development.
The program was organized by Megan L. Brown, Rachel A. Alexander, and Bethany A. Corbin, with support from the rest of Wiley Rein’s Privacy & Cybersecurity Practice, chaired by Kirk J. Nahra, and the Health Care Practice, co-chaired by Kathryn Bucher and Dorthula H. Powell-Woodson. Wiley Rein’s multidisciplinary cybersecurity practice addresses a wide range of sectors and areas, including telecommunications, technology innovators, government contractors, mHealth applications, and health data security.