Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

In my experience working at several US health IT companies, company principles for following HIPAA rules (especially patient privacy) were taken seriously at all levels and considered more than just compliance check boxes. Regardless of the ethical issues, if you get a reputation for being sloppy and the trade press writes negative articles then that can kill your sales pipeline.


HIPAA has nothing to do with the usual company values I was talking about.

HIPAA is a certification process for industry deployments.


Nope. There is no certification process in HIPAA for that. Have you read the law?


A way of speaking, it has nothing to do with stuff like "Do no evil", "Respect, Achievement, Renewal, and Challenge", "Excellence, Innovation, and Responsibility" and similar word games with a yearly HR training, just to check a box.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: