Unfortunately HIPPA is actually specific in this scenario. I highly doubt file sizes have to do with PHI. However if you can show that they are sending the actual data in the backup, that would be a reportable offense.
Disclaimer: I am not a lawyer, this is not legal advice, YMMV.
No comments yet.