by mailmrg 2560 days ago
If free flow of data across countries helps in privacy, then HIPAA should not have a rule that healthcare data of US citizens need not be stored only in the US. Will USGOV relax that norm? The Indian govt rules are about storing financial data within the country and not Gmail data.
2 comments

There's so much wrong with this.

HIPAA doesn't talk about US citizens or distinguish different types of records based on any properties of the people that those records cover. The word "citizen" does not appear in HIPAA or HITECH. HIPAA applies to any records by covered entities, which is what it discusses, regardless of who those records refer to.

There is no requirement in HIPAA that PII must be stored in the US. This is such basic info it's in the HIPAA FAQ from HHS https://www.hhs.gov/hipaa/for-professionals/special-topics/c.... Question 9 is unequivocal: you can store data outside of the US, but you need to think about any dangers or risks associated with this. Which is totally logical.

There are lots of reasons to have issues with the US. But not what you're talking about.

Huh. Why did they not include communication (Gmail) data?