The Connected Health Initiative, with ACT | The App Association, has created this tool to help software and app developers figure out whether or not they are bound by the HIPAA privacy and security rules.
Protecting the privacy and security of patients and their health information is essential. Health care providers, health plans, and companies innovating in this space are all dedicated to the privacy and security of this sensitive data.
Companies working in the connected health space must adhere to a variety of rules and regulations. Many healthcare technology companies need to follow the rules issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), particularly the privacy, security, and breach notification rules.
However, the HIPAA Rules do not apply to everyone who handles health related information. HIPAA only applies to health care providers and health plans (called “covered entities”) and certain organizations that perform activities on their behalf (called “business associates”).
Even if an organization does not need to follow the HIPAA Rules, it may be subject to other laws including:
For more information, check out The Federal Trade Commission’s guide to using consumer generated health information..
DISCLAIMER: This website has been prepared by ACT | The App Association for general information purposes only. The information on this website is not legal advice.