Tougher Privacy Standards for Exchanges

TEASER: “We considered but declined to use the definitions for these terms provided under the HIPAA regulations because the protected health information (PHI) that triggers the HIPAA requirements is considered a subset of PII [Personally Identifiable Information], and we believe that the HIPAA definitions would not provide broad enough protections to satisfy the requirements under…

Share