Tagged as: OCR

Deidentified Under HIPAA, But Regulated Under the CCPA

The Health Insurance Portability and Accountability Act (“HIPAA”) establishes standards by which Protected Health Information (“PHI”) may be deidentified.  Upon deidentification, HIPAA generally allows covered entities to use or disclose the information without limitation.  However, states are increasingly passing privacy laws with definitions of personal information expansive enough to arguably…

Read More