this post was submitted on 01 Nov 2023
440 points (99.3% liked)
Technology
59698 readers
2745 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Although I wonder if HIPAA would need to get involved in places like the US if that happens. If that data is used to diagnose, then it falls under HIPAA.
If they do that, there will definitely be giant legal battles. I wonder if that is a legal risk they’d want to take on.
HIPAA basically only covers healthcare providers and workers. I ran into this when the VA mailed my entire medical history to some random person. Since it wasn’t the healthcare branch of the VA, I had exactly zero recourse.
That's not true. HIPAA covers anyone handling protected health information in a professional manner. If some office clerk at the VA is mailing out copies of HIPAA-protected information, they're bound by HIPAA. If a consulting IT firm has access to a hospital's servers as they're changing something about the EHR, they're bound by HIPAA. Protected information cannot make its way from a "covered entity" to a non-covered entity like a totally unrelated bakery who would not have an obligation to protect your information without either: 1) violating the law, 2) you personally disclosing the information to the non-protected party, or 3) you or someone authorized on your behalf signing a disclosure waiver permitting the covered entity to disclose