On Wednesday, the Centers for Medicare and Medicaid Services - the biggest unit of the U.S. Department of Health and Human Services - confirmed in a public statement that it is "collaborating" with DOGE as Musk and his team purportedly examine how to make the federal government more efficient.
[...]
In general, CMS files contain identifiable and non-identifiable information on patients - depending on the program, said regulatory attorney Sharon Klein of the law firm Blank Rome.
"CMS has identifiable claim information on individuals which contain PHI relevant to the care for which the patient seeks reimbursement," she said. "It also manages research and has healthcare information without specific identifiers to a unique patient, or limited data sets," she said. Additionally, CMS has public use files that are fully anonymized and not identifiable to the individual, she said.
"CMS policy and HIPAA require that the privacy of identified and identifiable protected health information be held securely and [users] only review the minimum amount of data necessary for the task," she said.
To read the full article, please click here.
"Will DOGE Access to CMS Data Lead to HIPAA Breaches?" by Marianne Kolbasuk McGee was published in Bank Info Security on February 6, 2025.
