HHS’ Office for Civil Rights appoints new director

Featured image

Share this article

OCR logo

The U.S. Health and Human Services’ (HHS) Office for Civil Rights (OCR) has appointed a new director, Lisa J. Pino. Originally from New York City, Pino worked as a legal aid attorney before joining the government.

One of several OCR tasks is to regulate and enforce HIPAA, the Health Insurance Portability and Accountability Act of 1996. The OCR director is responsible for its enforcement and supporting the administration’s agenda.

Under HIPAA and its addendums, covered entities must commit to keeping protected health information (PHI) secure.

SEE ALSO: HIPAA compliant email

HHS’ Office for Civil Rights and HIPAA

Besides enforcing federal civil rights and conscience and religious freedom laws, OCR is most known for its enforcement of HIPAA. HIPAA protects the rights and privacy of patients and combats fraud and abuse related to PHI.

RELATED: Understanding and implementing HIPAA rules

OCR enforcement largely concentrations on the following HIPAA rules:

Any covered entity that commits a HIPAA violation may be subject to fines and a HIPAA corrective action plan.

Pino takes over for Roger Severino (appointed under the Trump administration) and Robinsue Frohboese (acting director between administrations).

About Lisa J. Pino

Pino comes to OCR from the New York State Department of Health where she led New York’s COVID-19 response. Previously, she was a senior executive service official at the U.S. Department of Homeland Security (DHS) under the Obama administration.

While with DHS she led the mitigation of the largest hack in federal history at the U.S. Office of Personnel Management in 2015, establishing new cybersecurity regulatory protections and renegotiating vendor procurements.

Before DHS, Pino was deputy administrator of the U.S. Department of Agriculture’s (USDA) Supplemental Nutrition Assistance Program (SNAP) and served as the USDA deputy assistant security for civil rights.

“Lisa is an exceptional public servant, and I am delighted to welcome her to the role of the Director of [OCR],” stated Xavier Becerra, HHS secretary, in the September announcement. “Her breadth of experience and management expertise . . . will help ensure that we protect the rights of every person across the country as we work to build a healthier America.”

A new Office for Civil Rights focus

Typically, the background of OCR’s director influences the agency’s agenda. Given that Pino is familiar with data security, a good assumption is that OCR will concentrate on data breach prevention.

Sara Goldstein at BakerHostetler recently gave further insight into possible focal points:

RELATED: OCR settles 20th HIPAA Right of Access case with Nebraska Hospital

Other possible key changes include more accessible documentation/guidance, an emphasis on breach management and risk assessment, and stronger compliance and enforcement actions.

Finally, one issue to address is the future of the January 2021 Notice of Proposed Rulemaking that modifies the Privacy Rule and the HITECH Act by addressing standards that may impede healthcare coordination and communication.

No changes to the need for strong email security

One thing that won’t change when it comes to HIPAA is the need for solid HIPAA compliant email.

Paubox Email Suite guarantees robust email security and HIPAA compliance by automatically encrypting all emails. Moreover, our Plus and Premium plans come with proactive inbound tools like Zero Trust Email and ExecProtect, which block different types of cyberattacks.

Emails are delivered directly to inboxes without requiring extra passwords, logins, or portals. And even better, Paubox Email Suite works from an existing email platform such as Google Workspace or Microsoft 365.

Our solution is HITRUST CSF certified, demonstrating that Paubox has met key regulatory requirements to appropriately manage risk and ensure HIPAA compliance as regulated by OCR.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Kapua Iao

Read more by Kapua Iao

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022