Showing 5 ideas for tag "business"
kudos icon +

Developers and HIPAA

Developer and HIPAA Implemented

Assume you have a software company that will be using a smartphone application and related device to record and store arguably protected health information.

1. Assume the software company stores the information on its own servers. The company is not subject to HIPAA (privacy or security rules) because it isn't a covered entity or a business associate of a covered entity, correct?

2. Now assume that the software... more »

Voting

2 votes
2 up votes
0 down votes
kudos icon +

Developers and HIPAA

De-identification of individuals' information Implemented

Is there any limitation on a covered entity's de-identification of PHI or use of de-identified information? For example, may a covered entity de-identify information purely for the purposes of selling data as a service?

Additionally, from a Privacy Rule perspective (i.e., not considering state law or contractual considerations), are there any restrictions on a business associate using or disclosing the de-identified... more »

Voting

3 votes
3 up votes
0 down votes
kudos icon +

Developers and HIPAA

HIPAA E-Signature Requirements Implemented

We are a small organization starting up a tele-health initiative. We would like to deliver a copy of our Notice of Privacy Practices electronically and have patients acknowledge receipt via check box prior to completing our online intake forms. This method is used for acceptance when one downloads software online. We are having a difficult time understanding the requirements for this. Can it be a check box and/or typed... more »

Voting

3 votes
3 up votes
0 down votes
kudos icon 1

Developers and HIPAA

Medical Device Data

Scenario 1: Manufacturer makes an implantable device that collects data from the patient in order to function as intended. This data is uploaded automatically to servers of the manufacturer. As part of the device's design, a platform processes the raw data and sends the processed data to the physician. No analysis or clinical conclusions are conducted on the raw data--it is organized into a readable format for the physician... more »

Voting

3 votes
3 up votes
0 down votes
kudos icon +

Developers and HIPAA

Audits Implemented

With random audits becoming a feature of HIPAA enforcement, small companies and Business Associates should ensure that information sought by OCR is readily available. This will allow OCR to make assessments quickly and efficiently. Making this process efficient also limits the disruptive impact audits can have on emerging companies.┬áSimilar to the practice of the FCC,┬ácan OCR provide guidance for Business Associates regarding... more »

Voting

5 votes
6 up votes
1 down votes