Executive Briefings | December 16, 2015
The ‘Baby HIPAA’ Conundrum
Recently, we received an interesting question – “Are there 'state-specific’ rules for patient data privacy, possibly different than the Health Insurance Portability and Accountability Act (HIPAA)? How do these rules affect compliance and care delivery?"
All health care provider organizations, health care clearinghouses, and their business associates are required to follow HIPAA rules (see HIPAA: The Final Act). But there are also “state-specific” rules for privacy compliance – what some have termed “Baby HIPAAs” because they also govern much of the same protected health information . . .