HIPAA Blog

[ Friday, July 17, 2020 ]

 

I haven't been able to read the whole story here (it leads to a Westlaw paid page), but it looks like Aetna wants the plaintiff's firms that caused their big breach (discussed here; it was a really bad one involving HIV information) by using window envelopes.  This interesting, because this was not Aetna's lawyers, but rather the firms pursuing a class action lawsuit against Aetna.  Thus, Aetna has no BAA with them.  Also, these law firms are not covered entities, and since they represented the individual plaintiffs, they would not be business associates; thus the firms are not subject to HIPAA for their culpability in the breach.  Interesting. . . .

Jeff [10:43 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template