All 50 states now have a separate privacy law. South Dakota and Alabama are the final two states to enact data breach notification laws. Other states like North Carolina are proposing to update their requirements that only allow 15 days to notify in the event of a data breach.
Although medical practices must adhere to the Federal HIPAA law guidelines, if your state law is more stringent state law will supersede federal notification requirements. You may also be required to notify your state officials or the credit reporting agencies. Know your state law!
The link below lists the state and the statutes. Only a couple of the states have live links. If you want more information you will need to copy and paste in to Google.
To find out more about how our automated HIPAA compliance platform can help your organization click here:
Or to schedule a demo click the contact us tab and scroll down.
“Simplifying HIPAA through Automation, Education, and Support