When Your Mobile App Must Comply With HIPAA Rules
It seems like every time you turn your head there is a new hot app out. Has your medical practice been thinking of developing one? Possibly one that allows nurses to upload patient data from the bedside rather than having to go to a desktop, or an app that allows a patient to send updates about their condition to their doctor. Whatever the purpose of your app, there are a few things to consider before you start the development process.
When considering a mobile application, trying to figure out what needs to comply with the Health Insurance Portability and Accountability Act (HIPAA) can be an intimidating task. Asking yourself a few questions can make this much easier on you and your mobile developer.
First, ask yourself who will be using the application. Is this app for your physicians, hospital or health plan? If so, then the HIPAA rules must apply, as these are “covered entities.” HIPAA rules also apply to any business associates of the covered entities. A business associate is an entity that handles “protected health information” on behalf of a covered entity. For example, when a pharmacy benefits manager operates a health plan’s prescription benefit, the health plan is the covered entity and the pharmacy manager is the business associate.
The second question you need to ask yourself is what information the mobile application is going to have access to. HIPAA rules only apply to protected health information. This includes information that can identify a specific individual and that relates to that individual’s physical or mental health, health care services to the individual and payments that were made for the health care.
An example of an application that would need to comply with HIPAA rules would be an app that allows a doctor to follow up with a patient, or one used by health plan employees to quickly gather an individual’s enrollment information.
An application that helps a patient remember their medicine schedule would not have to comply with HIPAA rules, as there is no covered entity involved.
So get to developing, and remember that technology can be your competitive advantage when it comes to growing your practice!
- EasyIT, your partner for expert technology services for your practice
For more information on this topic please go to When HIPAA Applies