[ Thursday, December 06, 2018 ]
Jeff [10:44 AM]
may or may not be a HIPAA breach, but NY's data breach notification law is likely implicated. It's unclear whether the agency would be a HIPAA covered entity; it's described as a health provider, but if it doesn't conduct HIPAA-regulated transactions in electronic format, technically it might not be a HIPAA "covered entity."
Blogger: HIPAA Blog - Edit your Template