FYI, there's a .gov-maintained portal where healthcare companies in the U.S. are legally obliged to publish data breaches. It's an interesting dataset!
One of my favorite HIPAA stories is about a doctor who utilized his patient list when sending out campaign-related information when he was running for local office. Over 2 decades of schooling and he still didn't understand how stupid this was.
This is a suboptimal characterization of this site.
I think it would be less wrong to say this is where covered entities that discover reportable breaches of PHI (whether their own or that of a BA) that trigger the immediate reporting obligation report them.
This is a narrower scope of coverage and shallower depth of epistemic obligation than you implied.