Hello friend. My name is XXXXX XXXXX welcome to JustAnswer. Please note: (1) this is general information only, not legal advice, and, (2) there may be a slight
delay between your follow ups and my replies.
On this website, I do not always get to give good news, and this is one of these times. The answer is yes
. Any covered entity must be compliant. A covered entity is defined per 45 CFR 160.103
and a good explanation in layman's terms for it may be found here
So it does not matter whether the office is big or small, staffed or not, etc. HIPAA applies. However, just because it does, does not mean that one has
to use electronic storage, etc. Provided that the paper files are stored reasonably securely, that is all that matters.
HIPAA's the Security Rule deals specifically with Electronic Protected Health Information (EPHI). It does not require
that files be electronic, but simply dictates reasonable safety standards if they are.
Please note: I aim to give you genuine
information and not necessarily to tell you only what you wish to hear. Please, rate me on the quality of my information and do not punish me for my honesty. I understand that hearing things less than optimal is not easy, and I empathize.
Gentle Reminder: Please use the REPLY
button to keep chatting, or RATE
my answer when we are finished. Kindly rate my answer as one of the top three faces
and then submit
, as this is how I get credit for my time with you. Rating my answer the bottom two faces does not give me credit and reflects poorly on me, even if my answer is correct.
I work very hard to formulate an informative and honest answer for you; please reciprocate my good faith. (You may always ask follow ups at no charge after rating