Health Insurance Portability and Accountability Act (HIPAA) of 1996 protects most “identifiable health information’ held or transmitted by a covered entity or its business associate, in any form or medium, whether electronic, on paper or oral. The Privacy Rule calls this information Protected Health Information (PHI). PHI under US law is any info in a medical record that can be used to identify an individual that was created in the course of providing a healthcare service, e.g. diagnosis or treatment.
This means that whenever you build a mobile or cloud application which stores PHI to be used in a clinical setting, then your application must be HIPAA Compliant.
What is HIPAA compliance? Well, have a look at the following components of HIPAA Compliance.
There is actually more to HIPAA, but we haven’t gotten through documenting all of the details. If you’re interested in Healthcare Security, please contact us.