Monday Notes

The FEHBlog realized with horror today that he had failed to provide a link to The Week in Congress’ review of last week’s actions up on Capitol Hill. Here’s the missing link.

For over a decade, the HIPAA Privacy and Security Rules have provided the regulated parties with necessary flexibility to conduct business while safeguarding data. Modern Healthcare nevertheless reports on a controversy over the appointment of privacy lawyer Deven McGraw to head HIPAA enforcement at HHS’s Office for Human Rights.  Apparently, some consider Ms. DeGraw to be too moderate.  The FEHBlog thinks that the federal government is lucky to have Ms. DeGraw.

Of course, it may be hard to appreciate the ongoing value of HIPAA when there seems to be another large data breach overtime you turn around. The OPM breach illustrates the difficulty of keeping ahead of the very bad guys.  The law simply has a hard time keeping up with technology whether it’s used for good or bad.

Defense One analyzes OPM’s efforts to enhance its data security. Today OPM took offline for repair E-QIP, its “web-based platform used to complete and submit background investigation forms.”  Also today, a large federal employee filed a class action lawsuit against OPM and a contractor Keypoint Government Solutions over the data breach.