What are my options for developing a HIPAA compliant application?

When building a HIPAA compliant application, your non-technical team should worry about HIPAA’s administrative requirements. Developers should focus on the physical and technical aspects of the HIPAA Security Rule.

There are three main paths for building a HIPAA compliant application):

Decide that you’re not going to have PHI in your system and don’t need to worry about HIPAA compliance. This is the easiest choice, but remember, there’s no safe harbor with HIPAA. Just because you may not intend to handle PHI doesn’t opt you out of HIPAA compliance requirements.
Decide that you’ll build out the compliance requirements yourself. Many of the safeguards are standard parts of today’s apps, login, auto-logout, etc. You can build many of these as part of your core infrastructure. Others are not so easy to build and maintain.
You outsource your HIPAA compliance. Using a service like TrueVault you are guaranteed compliance with the technical and physical safeguard requirements by storing any PHI in the cloud in TrueVault’s secure data store.

Latest Posts

Should Utah's Privacy Law Be on Your Radar?

Phillip Walters / November 17, 2022

Connecticut’s Privacy Law: Does It Apply to Your Business?

Phillip Walters / November 10, 2022

Global Privacy Control: A New Requirement for Compliance

Phillip Walters / November 7, 2022

What are my options for developing a HIPAA compliant application?

Latest Posts

Should Utah's Privacy Law Be on Your Radar?

Connecticut’s Privacy Law: Does It Apply to Your Business?

Global Privacy Control: A New Requirement for Compliance

Mailing List

Company

Developers

Latest Posts

Contact Us