Kathryn Marchesini Named ONC Chief Privacy Officer

Kathryn Marchesini Named ONC Chief Privacy Officer
Kathryn Marchesini, chief privacy officer at the Office of the National Coordinator for Health IT

Kathryn Marchesini has been named the new chief privacy officer at the Office of the National Coordinator for Health IT (ONC). Marchesini has worked in various roles at the Department of Health and Human Services (HHS) since joining the agency in 2010, most recently as the senior health information technology and privacy adviser at the Office for Civil Rights, according to an article from FierceHealthcare. She has also served as the division director for privacy at ONC and as the acting chief privacy officer at ONC in 2014 prior to Lucia Savage’s appointment, according to the article.

Donald Rucker, MD, national coordinator for health IT, announced the appointment in an email to ONC staff on Wednesday, in which he described Marchesini’s experience and previous work with ONC. “Kathryn is a well-respected expert on the HIPAA rules from both the government and public sectors,” Rucker wrote in the email, according to Health Data Management. “She brings to her new role a wealth of experience as a senior advisor and deputy director for privacy at ONC where she advised staff and stakeholders about privacy and security implications surrounding electronic health information, technology and health research,” Rucker said.

Marchesini will have the challenge of a potentially nonexistent privacy budget with which to confront the health IT privacy challenges growing for the industry in 2018. Rucker initially stated that ONC would not fill the chief privacy officer role following Lucia Savage’s departure in January 2017, and instead look to the Office for Civil Rights for support on privacy and security matters. Following a $22 million budget cut for 2018, it appeared that there were plans to close the Office of the Chief Privacy Officer, looking to Deven McGraw, then-deputy director for health information privacy at OCR, to cover the role. When McGraw left the agency in October 2017, however, it left industry stakeholders wondering who would be handling privacy matters for both agencies. Some speculated that ONC would be eliminating the privacy officer role altogether as a part of reducing its budget and staff.

But the HITECH Act includes a legislative mandate that requires the agency to fill the chief privacy officer position “to advise the national coordinator on privacy, security and data stewardship of electronic health information and to coordinate with other federal agencies,” according to Healthcare IT News.

Marchesini plans to bring laser-focus to the office, with plans to tackle uncertainty around identifiable health information, data accessibility, information blocking, and providing guidance for stakeholders beyond the scope of HIPAA, according to the FierceHealthcare article.

“We can zone in on some of the areas we’ve been looking long and hard at and address questions that didn’t previously exist or weren’t mainstream a few years ago,” Marchesini said.

Marchesini plans to encourage ONC to “continue inspiring confidence in health IT, electronic health information exchange, as the healthcare infrastructure evolves,” according to Health Data Management.

McGraw, who left HHS to join a startup technology firm in Silicon Valley, told FierceHealthcare that Marchesini’s appointment was “an excellent choice,” noting that she “knows privacy and security so well.” McGraw noted that she expects Marchesini would also try to understand the private sector’s needs as well as part of her privacy work.


Sarah Sheber is assistant editor/web editor at Journal of AHIMA.