[ Thursday, December 06, 2018 ]


This may or may not be a HIPAA breach, but NY's data breach notification law is likely implicated.  It's unclear whether the agency would be a HIPAA covered entity; it's described as a health provider, but if it doesn't conduct HIPAA-regulated transactions in electronic format, technically it might not be a HIPAA "covered entity." 

Jeff [10:44 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template