The Global Impact of the New HIPAA Rules on Cloud Service Providers: A Hypothetical Conversation
Todd Tabor, Senior Counsel, HP Software, Cloud, and Opensource, Hewlett-Packard Company (HP), USA
As in house counsel, we are often tasked with wearing multiple hats, not all of which are legal. This can occasionally be a challenge, but in most cases, it represents one of the most exciting aspects of working in house. One such scenario may be on your radar screen now with the updated HIPAA rules issued on January 25, 2013 (FR, Vol 78, No. 17). The new rules have, in many respects, clarified the responsibilities of Covered Entities and Business Associates, but at the same time the new rules have potentially scoped in cloud service providers that may have been operating in a grey area previously. This leaves in house counsel with the responsibility of not only explaining the legal impact of the new rules, but also, in many cases, helping the business make decisions on how the business should be structured moving forward. This paper will dive into some of the details of the newly released rules and how they impact cloud service providers by walking through a hypothetical conversation between a business representative and their in house counsel. As always, this paper is not intended to represent legal advice and should not be taken as such. With that background, we can join the conversation already in progress.
Read full paper
Subscribe to the IICJ