When the Stanford contractor sent patient Data to a third part as an electronic spreadsheet, they violated the basic principals of the HIPAA regulations.
I'm still not sure why the contractor even had unencrypted data, I get Stanford is saying they gave it to them in a encrypted state but how did they un-encrypt the data? Stanford was clearly aware that the contractor was going to un-encrypt the data as it would have been useless unless Stanford provided a way to un-encrypt the data.
Why un-encrypt the data? there is no need to do that if they are using the correct encryption methods.
Story Here
Try NetLib - www.netlib.com
No comments:
Post a Comment