Medical Device Security Privacy Checklist
Medical devices that collect and store data that falls under the HIPAA definition of protected health information (PHI) must ensure that the covered entities (CEs) using those devices can secure them effectively, create logs, and control sharing as required by the HIPAA Security Rule, Privacy Rule and HITECH Act. If medical device vendors and manufacturers have access to the devices that the CEs use, and to the associated data, then they are business associates (BAs) under HIPAA and must follow all the HIPAA Security Rule and HITECH Act requirements, and all the applicable Privacy Rule requirements.
Rebecca created this “Medical Device Manufacturers and Engineers Security and Privacy Checklist” to help medical device engineers build in the appropriate controls, to help vendors who are BAs understand the controls necessary within such devices, and to help them address their legal obligations for security and privacy protections.
All medical device manufacturers and vendors can also use the SIMBUS Light and Standard services to ensure they have a HIPAA-compliant program within their own organizations.
I have been working with Rebecca for the last few months and she is one of the top privacy and security experts in the country and I’m so glad and lucky I have a chance to work with her. I have learned a ton. Thanks!