IT providers, do you have clients in healthcare? Do you handle their patient data? If yes, then you are almost certainly required to protect that data by HIPAA.
HIPAA calls this data “electronic protected health information,” or ePHI. Essentially, it is electronic information about a patient. It can be anything from a patient’s phone number to a recent diagnosis.
HIPAA requires healthcare organizations to protect this data. It also requires their “business associates” to protect it – and that includes their IT service providers. Continue reading