this post was submitted on 01 Nov 2023
440 points (99.3% liked)
Technology
59288 readers
4505 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
HIPAA basically only covers healthcare providers and workers. I ran into this when the VA mailed my entire medical history to some random person. Since it wasn’t the healthcare branch of the VA, I had exactly zero recourse.
That's not true. HIPAA covers anyone handling protected health information in a professional manner. If some office clerk at the VA is mailing out copies of HIPAA-protected information, they're bound by HIPAA. If a consulting IT firm has access to a hospital's servers as they're changing something about the EHR, they're bound by HIPAA. Protected information cannot make its way from a "covered entity" to a non-covered entity like a totally unrelated bakery who would not have an obligation to protect your information without either: 1) violating the law, 2) you personally disclosing the information to the non-protected party, or 3) you or someone authorized on your behalf signing a disclosure waiver permitting the covered entity to disclose