HIPAA

HIPAA's Privacy Rule and Security Rule (45 CFR Parts 160 & 164) govern the use and disclosure of Protected Health Information by Covered Entities (health plans, healthcare clearinghouses, healthcare providers) and their Business Associates. Pure pharma / supplement / food manufacturers rarely fall in scope. Radiopharma sites that handle patient identifiers (e.g. unit-dose dispense by patient name) typically need a Business Associate Agreement with the receiving hospital.

V5 Ultimate's Cloud deployment supports BAA execution for radiopharma customers; the on-prem deployment inherits the customer's existing HIPAA boundary.