Timothy Noonan is now the Deputy Director for Health Information Privacy as announced by the Department of Health and Human Services’ Office for Civil Rights (OCR).
The function of the Deputy Director for Health Information Privacy is to head the Health Information Privacy Division of the OCR, supervise the national health information privacy policy and outreach activities of OCR, and manage and implement the HIPAA Security, Privacy, and Breach Notification Rules and the confidentiality terms of the Patient Safety Rule.
Noonan served as Acting Deputy Director for Health Information Privacy beginning January 29, 2018, after Iliana Peters left. Before accepting the Acting Deputy Director for Health Information Privacy position, Noonan functioned as the Southeast Regional Manager of OCR, prior to going to OCR’s headquarters to work as Acting Associate Deputy Director for Regional Operations as well as the Acting Director for Centralized Case Management Operations.
In the 22 months that Noonan was Acting Deputy Director for Health Information Privacy, he helped protect over $37 million in HIPAA civil monetary penalties and settlements, which include the biggest ever HIPAA penalty. Anthem Inc paid $16 million settlement for the 78.8 million-record data breach that happened in 2015.
Noonan likewise assisted in producing the Right of Access Enforcement Initiative, without which guidance the individuals’ right of access to their healthcare records won’t be issued and the very first financial penalty for Right of Access failures won’t be settled with Bayfront Health St Petersburg.
Noonan also helped in the issuance of Health Apps and in the request for data through public responses on the way the HIPAA Privacy Rule ought to be changed to encourage synchronized, value-based medical care.