Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
theGnuMe
2y ago
0 comments
Save
Share
Right but the hackers are not covered entities.
0 comments
2 comments · 1 top-level
top
newest
oldest
deathanatos
2y ago
· 1 in thread
That's not how HIPAA works. 23andme would be, or would not be, the covered entity, and the entity bound by HIPAA.
theGnuMe
OP
2y ago
I dunno, they offer blood tests ordered by a clinician. That probably creates a covered entity.. then the hackers get the phi data, they for sure do not have a business associates agreement with 23andme. May only matter for the blood draws.
j
/
k
navigate · click thread line to collapse
