[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] Re: Are Google/MSFT bound by HIPAA?
________________________________________ From: Brock N. Meeks [bmeeks@cox.net] Sent: Tuesday, February 26, 2008 3:43 PM To: David Farber Subject: Re: [IP] Re: Are Google/MSFT bound by HIPAA? START PERSONAL NOTE: Dave, I was too quick to imply that there is debate about whether Msft/Google are covered under HIPAA; apparently there is no debate. A few on the list took my comment and, confused by my words, questioned my boss about it, thinking I was speaking for the organization. And of course, I was chewed out. So, I'd appreciate it if you could run the following comment that clarifies -- or corrects -- my earlier comment. Thanks much. -- Brock END PERSONAL NOTE I'd like folks on the list to know that I was too quick to suggest that there are some that believe that PHRs (personal health records) are covered by HIPAA. In fact, there has been a good deal of writing on how PHRs are out. This came up in a recent report of the National Committee on Vital Health Statistics (NCVHS) board at Health and Human Services which made the following recommendations to Secretary Levitt on this issue: Recommendations for Data Stewardship on Individual Participation and Control over Personal Health Information Held by Organizations Not Covered by HIPAA Privacy and Security Rules. HHS should: a. Urge the Federal Trade Commission (FTC) to utilize its full authority with respect to organizations that are not covered entities or business associates under HIPAA but that collect personal health information to ensure that (i) privacy policies on web sites collecting personal health information fully inform users of the uses that will be made of their personal health information and (ii) the organizations do not engage in misleading advertising or other deceptive trade practices. b. Assure that an authorization from the individual is obtained for collection, use, and disclosure of personal health information held by any organization not covered by HIPAA. http://www.ncvhs.hhs.gov/071221lt.pdf -------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC