Elizabeth Hodge was quoted multiple times in a BankInfo Security report titled, “HIPAA Compliance: Self-Insured Company Reports Breach,” discussing HIPAA requirements for companies outside the healthcare sector. Among the most critical areas of HIPAA compliance non-healthcare companies should consider: Their employees’ health plans.

"Often, companies that are not in the healthcare sector don't realize that their self-insured employee health plans are covered entities under HIPAA and assume that HIPAA doesn't apply to them," Hodge told the publication.

“… employers/plan sponsors must ensure that their group health plans comply with HIPAA by having in place HIPAA policies and procedures for the health plan and training those employees who work in the company's benefits or human resources department," she added.