Deven McGraw, the Department of Health and Human Services’ leading privacy official, has left her position for the private sector.
HHS Office for Civil Rights spokesperson Lou Burton confirmed McGraw’s departure in an email to FierceHealthcare, adding that her last day at the agency was Oct. 19. Iliana Peters, who previously served as a senior adviser for HIPAA compliance and enforcement, will replace McGraw as OCR’s acting deputy director of health information privacy.
How often do you find a public servant where her departure is bad for both individuals and regulated businesses? Thank you, @HealthPrivacy.
— Kirk J. Nahra (work) (@KirkJNahrawork) October 30, 2017
McGraw’s departure was first reported by Politico and earlier this month by the Journal of AHIMA. McGraw told Politico she is joining a technology startup focused on “empowering consumers.”
Best of luck to @HealthPrivacy - a good friend/colleague 4 many years! Her leadership & passion will carry on thru dedicated @HHSOCR staff
— Jodi Daniel (@JodiDaniel) October 31, 2017
Thanks, Jodi! Am proud to be among many other distinguished HHS alums. Yes - dedicated OCR staff will keep HIPAA going strong!
— Deven McGraw (@HealthPrivacy) October 31, 2017
McGraw served as HHS’s HIPAA and health data privacy authority for more than two years, earning a reputation as an expert well-versed in the intricacies of the law. She was appointed as ONC’s acting chief privacy officer this year following the departure of Lucia Savage, who left to be the chief privacy and regulatory officer at Omada Health.
RELATED: ONC plans to lean on OCR for privacy support, which could shift the dynamics of the agency
ONC National Coordinator Donald Rucker, M.D., has previously said the agency plans to close out the Office of the Chief Privacy Officer and maintain “limited support” for the chief privacy officer position, a position that is required under the HITECH Act.
An ONC spokesperson told FierceHealthcare the agency is focused on implementing provisions of the 21st Century Cures Act and is “working with OCR to make sure that privacy and security remain important parts of the health IT certification process.”