locked
Breach policy RRS feed

  • Question

  • Not sure if this is the correct forum for this.


    Writing up our privacy policy.

    So we have to notify Microsoft of a breach of our application?

    What is Microsoft's policy of a breach of the HV platform from their side?

    Is Microsoft following the latest HITECH guidelines for PHR breaches?

    I know that MS is not required to follow HIPAA, but just trying to get some details on a breach of the HV platform from the MS side.

    I want to give our users as much detail as possible, and try to comply to HIPAA as much as possible on our end.

    Thanks,
    Gary
    Thursday, November 19, 2009 8:10 PM

Answers

All replies

  • Hello Gary,

    I am following this internally now and will have an update soon.
    -Mahesh
    Thursday, November 19, 2009 10:06 PM
  • Thanks.

    Appreciate it.

    Gary
    Friday, November 20, 2009 6:11 PM
  • Hello Gary,

    Microsoft's policy for notifying HealthVault Solution Providers is covered in detail in the HealthVault Solution Provider agreement that each company signs before going live on the platform. 

    Some of the terms of this agreement are posted at http://msdn.microsoft.com/en-us/healthvault/cc268231.aspx but you can contact hvbd@microsoft.com to see a current and complete copy of the agreement.


    -Mahesh
    Friday, November 20, 2009 6:25 PM
  • Just FYI for everyone-- non-technical business questions are best sent to hvbd@microsoft.com, as this is a technical forum.  Any legal or business questions are best handled directly.
    Wednesday, December 2, 2009 11:39 PM