kstrauser
13 days ago
> He says one medical site added updated terms saying users agreed not to sue over mishandling of personal data, but instead to resolve it in arbitration.
Fortunately, HIPAA doesn’t care about some dumb ToS. If a site I used violated my healthcare privacy rights, I’m reporting it to the feds for them to drop the hammer, and I couldn’t care less what the site’s ToS says.
You can’t disclaim your legal obligations.
jqpabc123
13 days ago
You can’t disclaim your legal obligations.
HIPPA is a privacy obligation for healthcare providers.
Other service providers and professionals (legal, accounting, medical, etc.) have obligations, duties and responsibilities to maintain a reasonably competent level of service.
Using "pretend intelligence" opens the door to liability and claims of negligence when (not if) things go wrong.
welcome_dragon
13 days ago
That's not true. It's for anyone who handles non anonymized medical data
LeFantome
12 days ago
I am not an American but I am quite sure that HIPPA regulates the data, not the profession. You can be managing school bus routes and, if you reveal the wrong information about a special needs child, it can be a HIPPA violation.
kjs3
11 days ago
Can't even get the acronym right, but confidently lecturing about what it means. For those of us who do this for a living, this is what "amateur" looks like.
kstrauser
12 days ago
HIPAA, but no, it’s the other way. Healthcare providers and associated entities are regulated by the law. If you tell me, as a regular non-doctor person in a non-medical setting, that you have the flu, I can share that information with anyone else without violating HIPAA.
There was so much misinformation about that during COVID. “Do you have a cough or fever?” “You can’t ask me that! HIPAA!” “Sir, this is a Wendy’s.”