What is the purpose of this tool?

The Connected Health Initiative, with ACT | The App Association, has created this tool to help software and app developers figure out whether or not they are bound by the HIPAA privacy and security rules.

Why do I need to worry about privacy and security in my product?

Protecting the privacy and security of patients and their health information is essential. Health care providers, health plans, and companies innovating in this space are all dedicated to the privacy and security of this sensitive data.

Is HIPAA compliance relevant to me?

Companies working in the connected health space must adhere to a variety of rules and regulations. Many healthcare technology companies need to follow the rules issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), particularly the privacy, security, and breach notification rules.

However, the HIPAA Rules do not apply to everyone who handles health-related information. HIPAA applies only to health care providers and health plans (called “covered entities”) and certain organizations that perform activities on their behalf (called “business associates”).

What about other health regulations?

Even if an organization does not need to follow the HIPAA Rules, it may be subject to other laws including:

For more information, check out the Federal Trade Commission’s guide to using consumer-generated health information.

DISCLAIMER: This website has been prepared by ACT | The App Association for general information purposes only. The information on this website is not legal advice.