On January 25th 2013, the US Department of Health and Human Services modified the rules of the Health Insurance Portability and Accountability Act 1996 (“HIPAA”). HIPAA applies to any SaaS suppliers who process protected health information (“PHI”) on behalf of customers to whom the Act applies, regardless of whether or not the SaaS supplier is located in the USA.
Continue reading