More on Google, Microsoft, and HIPAA, from David Farber's IP list
The upshot is that Google and Microsoft, not being "covered entities," are absolutely *not* bound by HIPAA. If they have signed a Business Associate Agreement with a covered entity, they may be bound by that agreement to apply similar standards to that entity's data in the context of that engagement, but that's as close as it gets.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.