[ Friday, April 13, 2012 ]
Did the breach constitute a HIPAA violation
? Only if the state failed to meet the standard of reasonable security policies. The story is misleading -- encryption is simply not required by federal law. Comparison with other databases is a red herring.
Jeff [8:48 AM]
Blogger: HIPAA Blog - Edit your Template