We are not a covered entity or business associate. We are developing a direct-to-consumer app that tracks medication adherence. We want to de-identify the information the app collects to sell to third parties. Do we follow the same HIPAA de-identification processes that a covered entity or business associate would follow?
Showing 3 ideas for tag "deidentification"
Scenario 1: Manufacturer makes an implantable device that collects data from the patient in order to function as intended. This data is uploaded automatically to servers of the manufacturer. As part of the device's design, a platform processes the raw data and sends the processed data to the physician. No analysis or clinical conclusions are conducted on the raw data--it is organized into a readable format for the physician... more »
I have mobile application for tracking physician compensation, and I'm not sure if it contains data points separately or together which would be considered PHI under HIPAA. The application is designed to help a physicians track procedures they perform. This app helps doctors keep tabs on their case log. The information collected is date of case, age of patient (but range, i.e age 1-5), date billing was submitted, diagnoses... more »