Cozen O’Connor: Quest, Labcorp Breach Highlights Limits of HIPAA's Vendor Oversight

Quest, Labcorp Breach Highlights Limits of HIPAA's Vendor Oversight

Thursday, June 13, 2019

Ryan Blaney discussed with Legal Tech News Quest and Labcorp's recent data breaches and where the responsibility falls. HIPAA lays out the responsibilities that both covered entities and vendors have in the event of a data breach, but service agreements can still play a vital role in determining where critical — and costly — responsibilities fall. “The ambiguity or the key kind of analysis is understanding the relationship and exactly what the vendor is doing for the covered entity,” said Ryan.

To read the full article, click here.