Developers and HIPAA

What part of the environment has to be compliant? Implemented

Does the entire environment need to be HIPAA compliant, or is it possible that the solution could fall into an exception to HIPAA, or can they use an API to store certain kinds of data? If you’re building modern technologies, you’re relying on a lot of third party (likely API) based services; mostly cloud based services. So which aspects of those need to be compliant?

Tags (If you have a multi-word tag, add a hyphen (-) between the words.)


5 votes
5 up votes
0 down votes
Question No. 5