Blogs / Events / Articles / News

SOS Answered: New Guidance on HIPAA for App Developers

iStock_000057181060_SmallAmidst criticism that the Health Insurance Portability and Accountability Act (“HIPAA”) lags behind technological innovation, the Office for Civil Rights (“OCR”) released new guidance to aid app developers in determining how HIPAA may apply to the products they are building and developing. OCR explained that the guidance is intended to “reduce some of the uncertainty that can be a barrier to innovation.”

OCR’s guidance walks through how an app developer could be required to comply with HIPAA. The guidance explains that app developers who work for a covered entity (meaning a health plan, a health care clearinghouse, or health care providers) and, as part of their jobs, are developing an app that involves the use or disclosure of protected health information (“PHI”) are covered by HIPAA. The guidance explains that HIPAA also covers app developers who are business associates of covered entities if they are creating or offering an app on behalf of a covered entity or one of the covered entities’ contractors. Continue Reading