The US Department of Health and Human Services has reorganized its technology leadership, including reviving the role of chief technology officer.
The move sets the stage for tighter coordination of AI and broader technology and data policy and operations within the 80,000-strong organization.
According to a statement from the HHS: “Responsibility for policy and operations has been distributed across the Office of the National Coordinator for Health Information Technology (ONC), the Assistant Secretary for Administration (ASA), and the Administration for Strategic Preparedness and Response (ASPR).”
Under the new structure, ONC will be renamed the Assistant Secretary for Technology Policy and Office of the National Coordinator for Health Information Technology (ASTP/ONC). ASTP/ONC will take on oversight for technology, data, and AI policy and strategy from ASA.
The shakeup will establish an Office of the Chief Technology Officer and reinstitute the role of Chief Technology Officer. This tier will, in turn, oversee “department-level and cross-agency technology, data, and AI strategy and policy, including the Office of the Chief AI Officer, Office of the Chief Data Officer, and a new Office of Digital Services.”
Incumbent National Coordinator role Micky Tripathi becomes Assistant Secretary for Technology Policy/National Coordinator for Health Information Technology, but the organization has launched a recruitment drive to fill the other positions.
New acting chief AI officer named
In the meantime, Tripathi will also fill in as acting chief AI officer (CAIO). This could be seen as highlighting just how critical the AI role will be for the organisation in the future. The role includes setting internal governance, policies, and risk management approaches for uses of AI and coordinating HHS’s AI approach in the health and human services sectors
At the same time, the “public-private effort between the health sector and the federal government on cybersecurity (“405(d) Program”)” will move from ASA to ASPR.
This lines it up with other health sector cybersecurity activities already located in the ASPR’s Office of Critical Infrastructure Protection. Needless to say, the health sector in the US has been a major target of cybercriminals.
An audit of the HHS’ Office of the Secretary, revealed earlier this month, showed the department did not have a complete grip on all its cloud assets.
The auditors found “there is no standardized process for ensuring qualified System Security Officers are selected. This adversely effects HHS OS’s ability to ensure security controls are effectively implemented.
As a result, they concluded, “HHS OS data stored in the cloud systems we examined may potentially be at a risk of compromise.