On Thu, Nov 13, 2014 at 10:11:28AM PST, Morgan Blackthorne spake thusly: > I'd be wondering if HIPPA requires him to disclose the breach to his > clients since it is medical information.
Yes. http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/ But if he didn't even have separate backups I doubt he will be overly concerned about this. For better or worse, odds are DHHS will never know about it unless one of his patients reports him so likely nothing will come of it. -- Tracy Reed, RHCE Digital signature attached for your safety. Copilotco PCI/HIPAA/SOX Compliant Secure Hosting 866-MY-COPILOT x101 http://copilotco.com
pgpl5oNC_BrNl.pgp
Description: PGP signature
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
