No Funding for ONC Office of the Chief Privacy Officer in 2018

by | Jul 20, 2017

ONC National Coordinator Don Rucker, M.D., has confirmed that the office will be closed out in fiscal year 2018 due to the cuts  to the budget of the Office of the National Coordinator for Health Information Technology (ONC)

Deven McGraw, the Deputy Director for Health Information Privacy, had been acting as Acting Chief Privacy Officer until a permanent replacement for Lucia Savage was identified. However, it is now looking likely that a permanent replacement will not be sought.

One of the key duties of the Chief Privacy Officer is to ensure that privacy and security standards are addressed and health data is protected properly. The role of Chief Privacy Officer also advises the National Coordinator for Health IT on privacy and security policies covering electronic health information. However, Mr Rucker does not feel it is necessary for the ONC to have an entire office dedicated to privacy and security as other agencies in the HHS could assist and take on additional tasks to provide this service.

Though the appointment of a Chief Privacy Officer is required by the HITECH Act there is an alternative. The ONC may request personnel to be supplied from other HHS agencies. Faced with a $22 million cut in its operating budget, ONC will turn to the HHS’ Office for Civil Rights for assistance with privacy functions with the ONC only maintaining ‘limited support’ for the role of Chief Privacy Officer.

The Chief Privacy Officer role has been pivotal in highlighting HIPAA Rules in relation to privacy since the HITECH Act was passed.

Rucker explained that discussions are now being conducted between ONC and OCR to determine how these and other tasks will be carried out, but added that privacy and security are implicit in all aspects of the work performed by ONC and that will remain the case.

Financial cutbacks are inevitable with the trimming of the ONC’s budget but Rucker has outlined that the HHS will continue to ensure privacy and security issues are dealt with and efforts to improve understanding of the HIPAA Privacy and Security Rules will also continue as has always been the case.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy