Experts estimate that there are more than 40,000 health-related applications. That’s a lot of apps for an industry that is just starting to blossom in the market. This number will grow further if Apple decides to launch the “rumored” Healthbook.
As per the latest rules and regulations, any health app launched in the US that stores or processes personal health information must be HIPAA compliant. HIPAA stands for Health Insurance Portability and Accountability Act. The law protects all “individually identifiable health information”, known as PHI (Protected Health Information). It basically collects and protects your health information and medical records. So, before you plan to develop a health app, you must ensure that it is HIPAA compliant.
Apps such as Google Fit and Nike Training that collect information like calorie count, weight loss progress, body stats, etc. do not fall under HIPAA compliance. This data is not considered PHI (Protected Health Information).
On the other hand, if you use any app that holds information such as your medical records, billing information, information about your health insurance, or your health file, the app should be HIPAA compliant. The fact that an individual has received services from a covered entity is also considered PHI. The name and address of the patient in medical records are also considered PHI. For example, the TrueVault system is HIPAA compliant because it stores PHI, such as an individual’s medical records.
Making Your App HIPAA Compliant
There are a few things that you need to consider while making your app HIPAA compliant:
Whether a mobile app developer has HIPAA obligations is actually a fact-based inquiry. A small change to the functionality or business model can lead to a different conclusion on whether HIPAA applies or not. Hence, the app developer needs to make the boundaries clear and determine whether or not the app is going to store PHI, and hence whether it should be HIPAA compliant. If the business model changes, the app developer should review it again to determine if the app needs to be HIPAA compliant.