7 important steps to make sure your healthcare apps are HIPAA compliant

HIPAA stands for the Health Insurance Portability and Accountability Act and is well known across every area of the healthcare sector. It was originally put into place in 1996 and was greatly expanded and clarified in 2013 by the Final Omnibus Rule Update. While only covered entities, such as doctors and insurers, once needed to be compliant, now anyone or anything that stores, records or transmits protected information must comply.

If you are involved in using apps to disseminate PHI, or Protected Health Information, you must learn what is required for HIPAA-compliant apps. To do so, you must follow the four basic HIPAA rules.

  • 1. HIPAA Privacy Rule
    This primary HIPAA rule delineates when PHI can be used or shared.
  • 2. Security Rule
    The security rule determines how electronic health information is protected. This rule is very technical and specifies best practices.
  • 3. Enforcement Rule
    This rule describes how the HIPAA law is enforced and when corrective actions will be taken.
  • 4. Breach Notification Rule
    This rule determines when a covered entity must notify certain individuals and organizations of PHI breaches.

If you do not follow each of these rules, and in particular the security rule, which will most affect what you do as you use an app, you will be in danger of facing hefty fines. For example, in 2010, Cignet Health was fined $4.3 million for breaking the privacy rule. More recently, Memorial Healthcare Systems was fined $5.5 million for not auditing its systems correctly.

Depending on the violation type, such as not knowing of the violation or willful neglect, fines can run from $100 to $50,000 for a single incident.

How to ensure your healthcare app is HIPAA compliant?

To stay on the safe side, check your healthcare app against the following seven steps, which together define a process for verifying compliance: