[ Thursday, February 21, 2008 ]


EHRs: In case you weren't aware, they may not be covered by HIPAA. The ones discussed in the preceding post (Google/Cleveland Clinic) almost certainly are, since they come out of Cleveland Clinic, which certainly is a HIPAA "covered entity." But if the EHR host isn't a HIPAA covered entity, the host isn't subject to HIPAA. So, check out that privacy policy before you upload all your dirty little secrets.

Jeff [5:18 PM]

Maybe patients can use contract law to enhance the privacy of their health records. http://hack-igations.blogspot.com/2008/02/contracts-for-patient-privacy.html
Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template