Developers and HIPAA

What part of the environment has to be compliant?

Does the entire environment need to be HIPAA compliant, or is it possible that the solution could fall into an exception to HIPAA, or can they use an API to store certain kinds of data? If you’re building modern technologies, you’re relying on a lot of third party (likely API) based services; mostly cloud based services. So which aspects of those need to be compliant?

Tags (If you have a multi-word tag, add a hyphen (-) between the words.)

Voting

5 votes
5 up votes
0 down votes
Answered Questions
Question No. 5