Showing 2 ideas for tag "mobile-app"
kudos icon +

Developers and HIPAA

iOS keychains for saving pass/access token is HIPAA complaint?

I am building a mobile application to facilitate the patients and I am accessing the PHI through RESTful web apis.

I want to clarify one thing that I surfed a lot on google recently is, if I save patient's password or access token for re-authentication in iOS keychains, then may I consider this approach or this would be vulnerable to save the passwords in iOS keychains and violates HIPAA compliance act?

Voting

2 votes
2 up votes
0 down votes
kudos icon +

Developers and HIPAA

Must a mobile app PHR be password protected

A covered entity provides test results to patients through a Patient Mobile App or a Website. Patients must request access and data is transmitted securely.

Once the patient has custody of the PHI (as a downloaded report on the website, or as received data on the mobile device, is the Covered Entity responsible if the patient loses their own data? Is it required, for example, that the Mobile App be password protected?... more »

Voting

1 vote
1 up votes
0 down votes