Developers and HIPAA

EHR Continuity in Care

Private Practice Physicians have the opportunity by contracting with a large health care entity to get into electronic health records EHR. In wanting to satisfy the continuum of care one practice can see any treatment provided by another provider for their patient. They can access diagnostics within the health care entities network. All good things! My concern, though users sign off on a confidentiality agreement ...more »

Submitted by

Voting

3 votes
3 up votes
0 down votes

Developers and HIPAA

Data Recording

I am a student creating an app for school project. I was wondering if I have to be HIPAA compliant. I am creating an app, where diabetics can store their glucose and calculate insulin dosage. None of the information will be sent to hospitals or physicians. How would HIPAA work in this case? Thank you ahead.

Submitted by

Voting

3 votes
3 up votes
0 down votes

Developers and HIPAA

Notifications

A NYS licensed facility providing addiction treatment services has been advised that when a patient has been referred for treatment by another entity (hospital, family agency, courts, etc.) notice that the patient has presented for treatment may not be given to the referring agency without the written permission of the patient. No other PHI would be provided other than the notification.

Is this true?

Submitted by

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

PII and PHI

We make medical devices and sell to CEs through a independent sales team/resellers. Often times where there are some issues with software that runs on devices -- the reseller obtains the corresponding record from CE and uploads to our Customer Support portal. This ticket can contain medical health information. As a device manufacturer are we required to adhere to HIPAA? We may get a few hundred such tickets from different ...more »

Submitted by

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

App Customization

A consumer focused app receives a request from one of its users, a hospital, for a customization of the product. The customization is created in response to the user request and treated the same as other requests. The app developer then makes it available to their entire user base, not just the requester, and no fee is paid. Does this make the app developer a business associate of the covered entity?

Submitted by

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

When is PHI de-identified?

We have developed a platform to facilitate the scheduling of transport/rides for patients to provider appointments. The process works as follows. The provider logs into a secure site, to schedule a ride to an appointment for a patient. The platform, at the appropriate time, sends formation to a rider service provider (someone such as Lyft, Uber, etc..) to schedule the transport. The information provide the transport ...more »

Submitted by

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

Does the name of a Health Insurance company constitute PHI?

Does having identifiable information of a person and the name of the health insurance company they are enrolled in (or name of other covered entity) constitute a PHI record? 1. Would a text message sent to an individual that includes the name of their health insurance company (but no other health information) be subject to HIPAA regulations? 2. Would a text message sent to an individual that includes the name of their ...more »

Submitted by

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

What does "on behalf of a covered entity mean"

What triggers acting "on behalf of a covered entity", A, or B, or other? A. A covered entity uses your app (you are not paid or have signed a BA; they just go online and use it). B. Getting hired by them. We have an app that patients and providers use for chronic disease management. Does not integrate with EHR. Patients enter their progress and providers review it and can message back and forth. We think we are not ...more »

Submitted by

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

Record, transfer and store mobile inbuilt sensor data

Hi, For a mobile chatbot health app that reads, transfers and stores (within and outside mobile phone in a cloud based server) sensor generated time series data of patients/consumers activities, events, etc.. which includes all data that can be captured by a mobile phone's, accelerometer, light, other sensors without patient/consumer intervention, can such sensor generated data be classified as personal identifiable information ...more »

Submitted by

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

HIPAA compliance with an task list from a provider?

I'm working on an app for a therapist to send a list of exercises to their patient's mobile device from their desktop for the patient to perform at home. The therapist can view if the patient is checking off their exercises and reporting thier completion each day. No information is being transmitted in regards to the patient's diagnosis or condition, only the list of exercises to be performed at home and the patient's ...more »

Submitted by

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

Health Information Systems and HIPAA Compliance

We're a non profit organisation seeking to deploy an open-source health management application for use. We classify as a Business Associate as we provide services for a health care provider under HIPAA. We urgently need to know what exactly are the requirements a health information system needs to meet in order to satisfy HIPAA. It would be helpful to know if there's some document or checklist to work with. We'd also ...more »

Submitted by

Voting

2 votes
2 up votes
0 down votes