Problem solve Get help with specific problems with your technologies, process and projects.

Relevancy of HIPAA to civilian government agency

We're a group within a civilian government health care agency that tracks health care investigations done by doctors across the U.S. We provide budget and lab space so doctors can get published in order to attract good doctors to our agency. The information we gather does not include patient's names or social security numbers. We only track what the doctors are doing with the budget money given them. How would we be affected by the latest changes to HIPAA? We feel at this point that HIPAA does not apply to us for the above reasons.

This can be a complicated issue, so I understand your concerns. It sounds like your organization could fall in the categories of a health care provider or business associate, but you may not be considered a HIPAA covered entity at all. You say that you do not gather patient names or social security numbers. Do you gather any other information from the patients? HIPAA specifies that any information that identifies or can be reasonably used to identify an individual such as name, address, social security number, phone and fax numbers, medical record numbers, e-mail addresses, URLs, IP addresses, etc. is covered under the rules. In a nutshell, if you gather this type of information and store it or transmit it electronically, then your organization is most likely considered a HIPAA covered entity. Otherwise, you should be in the clear.

For more information on this topic, visit these other SearchSecurity.com resources:
News & Analysis: HIPAA is a strategic enabler
News & Analysis: Final HIPAA privacy changes announced
Best Web Links: Health care/health services

This was last published in September 2002

Dig Deeper on Government information security management

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.