Last week, the Department of Health and Human Services’ Office for Civil Rights (OCR) provided guidance for HIPAA covered entities and business associates that use or want to use cloud computing services involving protected health information (PHI). Covered entities and business associates seeking cloud services often have many concerns regarding HIPAA compliance, and this
Kentucky Gov. Steve Beshear signed H.R. 232 on April 10, 2014, making the Commonwealth the 47th state to enact a data breach notification law. The law also limits how cloud service providers can use student data. A breach notification law in New Mexico may follow shortly.
Data Breach Notification Mandate
The Kentucky law follows the…
Is your cloud service provider HIPAA-compliant?
Continue Reading Are Cloud Service Providers Business Associates under HIPAA and the HITECH Act?