eHealth, or e-health, is short for electronic health and refers broadly to the use of technology, specifically electronic communication, within healthcare environments. The term is frequently used to describe health initiatives that use the Internet to deliver health information, data, or services. eHealth can also include initiatives on mobile phones, tablets and other mHealth initiatives.
Broadly speaking, eHealth refers to new digitally-driven health initiatives for consumers, healthcare providers (such as doctors and hospitals) and healthcare payers (insurance companies).
eHealth applications are the software and services that manage, transmit, store or record information used in the delivery of healthcare treatment, payment or record keeping. Typically, eHealth applications use the Internet to transmit and store patient data for either a provider or a payer. These eHealth applications are used by doctors, hospitals and insurance providers to record patient health information, called protected health information or PHI.
eHealth applications come in a wide variety of application uses, devices, form factors and more. eHealth can include electronic health record (EHR) or electronic medical record (EMR) providers and software systems, such as EPIC EMR, along with mHealth applications such as Apple's new HealthKit and Health application.
If you're developing eHealth applications, it's important to understand what types of applications are governed by HIPAA, the Health Insurance Portability and Accountability Act. Applications that manage PHI are required by law to be HIPAA compliant.
HIPAA sets the standard for protecting sensitive patient data in eHealth applications. Signed into law in 1996, HIPAA was initially created to help the public with insurance portability. In addition, it established a series of privacy tools to protect healthcare data, including data in eHealth applications.
For application developers, the first thing you need to determine is whether your eHealth app will collect, store, or transmit protected health information (PHI), which is regulated by HIPAA. PHI in an electronic format is also referred to as ePHI.
PHI is any information in a medical record that can be used to identify an individual, including medical records, billing information, health insurance information, and any individually identifiable health information. This includes data in EMRs and EHRs as well.
If the data collected will not be personally identifiable, or if the data won't be shared with covered entities (such as a doctor), then the eHealth application does not need to be HIPAA compliant. A digital pedometer, for example, does not fall under HIPAA compliance guidelines.
eHealth applications that store, transmit, or share PHI need to be HIPAA compliant. If you plan on exchanging or interacting with covered entities (such as a doctor's office), then you need to be HIPAA compliant.
If you are building an eHealth application that uses non-personally identifiable information, or are not going to be sharing the information with a covered entity, then you do not need to be HIPAA compliant.
If you plan on building an eHealth application that will handle PHI, then you'll want to ensure that you're in compliance with HIPAA requirements. Using a service like TrueVault will ensure that you meet the technical and physical safeguards required to make your eHealth app HIPAA compliant. Learn more about TrueVault.
Even if you're using a HIPAA compliant hosting company for HIPAA file storage, that does not mean your eHealth app is compliant. Most HIPAA compliant hosting solutions only address the physical safeguard requirements.
TrueVault's HIPAA compliant healthcare API can help make your eHealth app compliant. Try it now for free, no credit card required, and no charges until you activate your account.