Developers and HIPAA

Record, transfer and store mobile inbuilt sensor data

Hi, For a mobile chatbot health app that reads, transfers and stores (within and outside mobile phone in a cloud based server) sensor generated time series data of patients/consumers activities, events, etc.. which includes all data that can be captured by a mobile phone's, accelerometer, light, other sensors without patient/consumer intervention, can such sensor generated data be classified as personal identifiable information or personal health information or personal data and governed by HIPAA or other federal personal data rules? What security and compliance safeguards (technical as well as process) need to be ensured of such sensor data while reading, transfer (in motion) and storage (at rest)?

Tags (If you have a multi-word tag, add a hyphen (-) between the words.)

Who are your customers? Check all that apply : Business associates (operates on behalf of/provides service to health care provider/health plan, e.g., an EHR vendor), General Public, Health plans or health care providers, Patients/Individuals/Consumers

What is your organization? : Developer of Mhealth apps (not mobile medical apps), Small company, For profit, Your products send, receive, and/or view data/information to/from an EHR or related platform


2 votes
2 up votes
0 down votes
Question No. 74