Does your mHealth app need to be HIPAA compliant?

Looking to grab a share of that $2.4 billion in revenue that mobile health (mHealth) applications are expected to generate by 2017? If so, Step #1 in the process should be determining if the information your app will gather and transmit falls under the Health Insurance Portability and Accountability Act (HIPAA).

As an InformationWeek story succinctly described, “HIPAA was written nearly 20 years ago, before mobile health applications were ever envisioned. Because of this, some areas of the law make it hard to determine which apps must be HIPAA-compliant and which are exempt.”

At the core of HIPAA is protected health information (PHI), defined by the US Department of Health and Human Services as individually identifiable information that is created or received by a health care provider, health plan or health care clearinghouse and relates to the past, present or future physical or mental health conditions of an individual.

So, in short, an app that shares personally-identifiable information with a covered entity (a health care provider or health plan) must be HIPAA-compliant.

A basic rule of thumb – although certainly not true in every case – is that mHealth apps intended for the general public (calorie counting, step tracking, etc.) do not need to be HIPAA-compliant, while apps used by medical personnel at covered entities do.

For instance, SD3 created the HIPAA-compliant apps HipaaCat and My Doctor Note (for Android and iOS) for a client seeking the ability to safely transfer protected images and messages between doctors and staff at a healthcare provider.

If you’re looking for assistance with mobile app development that requires experience with the healthcare industry and HIPAA compliance, consider contacting SD3 Corporation.

