It seems simple enough: If a piece of medical equipment is storing, receiving, transmitting, or processing electronic protected health information, it falls within the category of devices that are covered under HIPAA.
Yet, “for many practitioners, it just hasn’t occurred to them that medical devices are computers or are interfaced with computers,” said Steve Spearman, vice president of HIPAA Compliance Services of Healthicity, an information security consulting and services firm focused exclusively on healthcare.