Mobile Health Developers to get Government Assistance to Help Adhere to HIPAA

by | Jan 23, 2015


The App Association (ACT) – an advocacy and educational group set up to represent mobile app developers – recently wrote to the Office for Civil Rights seeking clarification on HIPAA privacy rules, and how they apply to mobile developers.

Developers are eager to incorporate the necessary privacy controls to ensure HIPAA-compliance; however many are not certain about what controls are required.

Yesterday, the OCR responded to Representative Peter DeFazio, and confirmed that it believes the aim should be to provide “the best possible compliance guidance in the industry” and that it is “moving forward in a number of ways” towards this goal.

DeFazio had asked for more clarity on HIPAA obligations for groups storing data in the cloud, wanted to find out what is expected of technology companies in order to adhere with HIPAA rules and asked for the OCR to work regularly with technology companies and provide compliance assistance.

In the correspondence, the OCR stressed out that it does supply information and compliance tools via its website and that the information has been gathered collaboratively with the Office for the National Coordinator for Health Information Technology. However, in a field that is increasing at such a rapid rate it has not been able to address all of the problems raised.

The OCR confirmed that it has entered into talks with ACT and is in the process of developing “real time solutions” to address the issues which are most pressing, and will ensure that these problem areas are specifically referred in the guidance it issues. The OCR is also looking into the possibility of holding what it refers to as “listening sessions”, where stakeholders can air their views about privacy and security.

App Association Director, Morgan Reed believes the privacy developer guidelines the OCR has provided so far are not up to date, which is hindering development of mobile health apps. He also say HIPAA is stopping many hospitals and clinics from using the new tools and services provided by mobile developers.

“Often we talk to developers who have got their first round of funding, they have a good idea that promotes good patient outcomes, but then they get into the development cycle and the sales just aren’t there. There’s a disconnect.”

Now that discussions have been initiated, Reed has asked for mobile developers to contact ACT with specific examples and information about specific problems that have been experiences so it can make them known to the OCR. Once the issues have been identified the OCR will be able to improve the assistane it provides to better serve the mobile industry.

Mobile health apps have massive potential to improve efficiency in healthcare as well as patient outcomes; however developers of mobile health apps are having trouble attracting interest from healthcare providers due to fears that their products would cause breaches of the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA Privacy and Security Rules serve to secure patient privacy and keep health and personal data safe. Substantial financial penalties are being issued by both the Office for Civil Rights and Attorney General’s Offices for non-compliance, and understandably healthcare providers are being very cautious with any new technology or software that could possibly touch the Protected Health Information of their subscribers.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy