HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 protects most “identifiable health information” held or transmitted by a covered entity or its business associate, in any form or medium, whether electronic, on paper or oral. The Privacy Rule calls this information Protected Health Information (PHI). Under US law, PHI is any information in a medical record that can be used to identify an individual and that was created in the course of providing a healthcare service, e.g. diagnosis or treatment.

This means that whenever you build a mobile or cloud application that stores PHI to be used in a clinical setting, your application must be HIPAA compliant.

What is HIPAA compliance? Well, have a look at the following components of HIPAA Compliance.

Access Control

Business Continuity Plan

Cloud Security Services

Compliant Cloud Security Architecture

Compliance in the Cloud

Software Development and Maintenance

IT Compliance

Incident Management

Communications and Operations Management

Physical and Environmental Security

There is actually more to HIPAA, but we haven’t gotten through documenting all of the details. If you’re interested in Healthcare Security, please contact us.

View the Slide Deck from our HIPAA Compliance Meetup!