How can we determine if we’re a covered entity? The resources to make that determination are expensive – i.e. law firms
A business associate provides no medical advice, medical services, medical devices, etc. But it talks to patients of the covered entity. Those patients tell the business associate what prescriptions they have for prescription drugs and when they must be refilled. The business associate faxes the refill request to the pharmacy. Does that make the business associate a covered entity?
A. A covered entity uses your app (you are not paid or have signed a BA; they just go online and use it).
B. Getting hired by them.
We have an app that patients and providers use for chronic disease management. Does not integrate with EHR. Patients enter their progress and providers review it and can message back and forth.
We think we are not... more »
Once the patient has custody of the PHI (as a downloaded report on the website, or as received data on the mobile device, is the Covered Entity responsible if the patient loses their own data? Is it required, for example, that the Mobile App be password protected?... more »
Is an app for people to share STD test results by taking a picture of the STD test results and getting a scannable QR code covered by HIPAA, HITECH or other laws/regulations?