What do I need to do to be Hipaa compliant?

Brandons404

New Member
Jurisdiction
Missouri
I'm a software engineer looking to build an application in the medical field. A big focus of the application will be that it is Hipaa compliant. I am unsure about the steps I need to take in order to ensure I make the application Hipaa compliant after lots of research, and figured I should ask an expert instead.

Does my app need to be audited? Do I need some kind of approval, or do I just attempt to build it in a way to avoid common hacks and data breaches?

Thanks.
 
HHS.gov has comprehensive explanations of HIPAA (all caps), an acronym for the Health Insurance Portability and Accounting Act, not to be confused with the often-mistaken little creature called Hippa (Hippa - Wikipedia).

Summary of the HIPAA Security Rule | HHS.gov

That page has links to the federal statutes in addition to explanations.

Keep in mind that state laws may have additional requirements.

If you intend to make a lot of money with your software, it would be a good idea to have it reviewed by an appropriate attorney.
 
I'm a software engineer looking to build an application in the medical field. A big focus of the application will be that it is Hipaa compliant. I am unsure about the steps I need to take in order to ensure I make the application Hipaa compliant after lots of research, and figured I should ask an expert instead.

Does my app need to be audited? Do I need some kind of approval, or do I just attempt to build it in a way to avoid common hacks and data breaches? I would like Hipaa compliance to be one of the selling points.

Thanks.
Thank you for your reply! Where could I go to find the appropriate attorney?

Thanks again
 
HIPAA is required when your software is used by covered entities (pretty much meaning anybody who bills for medical services). That's not the end-all of government compliance. Anything that begins to enter into an aspect of patient care becomes a medical device, and a large section of the regs commonly referred to by the FDC Act called 510(k) comes in. That's more onerous than HIPAA compliance. Believe me, I ran a software company for years that built software to process MRI images.
 