When the Health Insurance Portability and Accountability Act “HIPAA” was implemented, it was designed to regulate “covered entities” such as health care providers, hospitals and health insurance companies.  Because of this limited regulation, many entities with access to “protected health information” or “PHI” were outside the scope of HIPAA.  Those “non-covered” entities included data storage...Read More