On December 28, 2000, a final privacy rule 45 CFR Part 160 and 164 was issued. HHS provides the rule and related guidance here: https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html.
Medical device manufacturers that produce devices that will maintain patient data should be aware of HIPAA privacy and security requirements to assure appropriate features are incorporated in their devices to allow healthcare providers to comply with these aspects of HIPAA.
In addition, medical device, pharmaceutical and biologics manufacturers that collect individual patient information as part of research or clinical trials need to be aware of these rules as they can affect their internal systems and data handling to assure that the healthcare institutions that provide the patient information are compliant with the regulations.
SoftwareCPR® provides consulting and on-site and web based training in HIPAA privacy and security regulations. SoftwareCPR® also provides a HIPAA Roadmap with links to relevant educational documents to Premium subscribers. Click here to subscribe.