Too add to that. If VERB is touching any of the pa
Post# of 33002
(Total Views: 795)
Posted On: 05/31/2019 11:15:00 AM
Too add to that. If VERB is touching any of the patience information, then yes VERB is. Just so people are aware of what just some of that information is, I posted the list below. Any supplier touching PHI is required to abide by HIPAA. Most everyone in the health field knows this.
I don't see how VERB wouldn't be because of the referral aspect of the business and those referred could also be selling. I also remember Rory saying one of the things they had to do was be HIPAA compliant for notifiMED last year.
Third-party vendors must abide by HIPAA privacy rules as well
"Most covered entities (health plans and health providers) know they fall under the HIPAA Security and Privacy rule. But what some don't know is that their business associates and subcontractors also fall under these rules."
https://www.csoonline.com/article/3045800/thi...-well.html
"According to HIPAA, if you are belong to the category of “covered entities” or “business associates,” and you handle “protected health information (PHI),” you and your business are required to be HIPAA-compliant."
https://www.forbes.com/sites/thesba/2014/02/0...dd3473d7cc
What is PHI?
PHI is any health information that can be tied to an individual, which under HIPAA means protected health information includes one or more of the following 18 identifiers. If these identifiers are removed the information is considered de-identified protected health information, which is not subject to the restrictions of the HIPAA Privacy Rule.
Names (Full or last name and initial)
All geographical identifiers smaller than a state, except for the initial three digits of a zip code if, according to the current publicly available data from the U.S. Bureau of the Census: the geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and the initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000
Dates (other than year) directly related to an individual
Phone Numbers
Fax numbers
Email addresses
Social Security numbers
Medical record numbers
Health insurance beneficiary numbers
Account numbers
Certificate/license numbers
Vehicle identifiers (including serial numbers and license plate numbers)
Device identifiers and serial numbers;
Web Uniform Resource Locators (URLs)
Internet Protocol (IP) address numbers
Biometric identifiers, including finger, retinal and voice prints
Full face photographic images and any comparable images
Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data
https://www.hipaajournal.com/what-is-consider...der-hipaa/
I don't see how VERB wouldn't be because of the referral aspect of the business and those referred could also be selling. I also remember Rory saying one of the things they had to do was be HIPAA compliant for notifiMED last year.
Third-party vendors must abide by HIPAA privacy rules as well
"Most covered entities (health plans and health providers) know they fall under the HIPAA Security and Privacy rule. But what some don't know is that their business associates and subcontractors also fall under these rules."
https://www.csoonline.com/article/3045800/thi...-well.html
"According to HIPAA, if you are belong to the category of “covered entities” or “business associates,” and you handle “protected health information (PHI),” you and your business are required to be HIPAA-compliant."
https://www.forbes.com/sites/thesba/2014/02/0...dd3473d7cc
What is PHI?
PHI is any health information that can be tied to an individual, which under HIPAA means protected health information includes one or more of the following 18 identifiers. If these identifiers are removed the information is considered de-identified protected health information, which is not subject to the restrictions of the HIPAA Privacy Rule.
Names (Full or last name and initial)
All geographical identifiers smaller than a state, except for the initial three digits of a zip code if, according to the current publicly available data from the U.S. Bureau of the Census: the geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and the initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000
Dates (other than year) directly related to an individual
Phone Numbers
Fax numbers
Email addresses
Social Security numbers
Medical record numbers
Health insurance beneficiary numbers
Account numbers
Certificate/license numbers
Vehicle identifiers (including serial numbers and license plate numbers)
Device identifiers and serial numbers;
Web Uniform Resource Locators (URLs)
Internet Protocol (IP) address numbers
Biometric identifiers, including finger, retinal and voice prints
Full face photographic images and any comparable images
Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data
https://www.hipaajournal.com/what-is-consider...der-hipaa/
(15)
(0)