December 5, 2016
We all know that “Health is wealth” and strive hard to stay fit and healthy.
Relax, I am not writing this blog to give tips on how to be healthy.
I am here to focus on the surge of health apps and wearables in the market, and on HIPAA, a major compliance regime that most of these apps have to abide by.
Ever Wondered What HIPAA means?
Many of you will have been puzzled by the term HIPAA, usually mentioned in the description of many health apps available in the market. Let me introduce you to this odd sounding word.
HIPAA stands for the Health Insurance Portability and Accountability Act of 1996. It is United States legislation that sets data security and privacy requirements for protecting medical data.
What HIPAA does:
HIPAA sets the standard for protecting sensitive patient data. Any organization that deals with protected health information (PHI) must ensure that all the required administrative, physical, network and process security measures are in place and followed. Two kinds of organization are regulated:
Covered entities (CE): health care providers, health plans and health care clearinghouses, that is, those who carry out treatment, payment and health care operations.
Business associates (BA): persons or organizations that have access to PHI because they perform functions or services (such as hosting, billing or analytics) on behalf of a covered entity.
How Can Organizations Reduce the Risk of Regulatory Action?
Organizations can reduce the risk of regulatory action by training their employees on HIPAA compliance. The OCR (Office for Civil Rights, the HHS office that enforces HIPAA) has six educational programs on complying with the Privacy and Security Rules; a number of consultancies and training groups offer programs as well. Healthcare providers may also choose to create their own training programs, which often cover each organization’s current HIPAA privacy and security policies, the HITECH Act, mobile device management processes and other applicable guidelines.
While there is no official HIPAA compliance certification program, training companies offer certification credentials to indicate an understanding of the guidelines and regulations specified by the act. Such a credential does not by itself make an organization compliant; what OCR looks for is the documented risk analysis, the policies and the safeguards behind it.
HIPAA Privacy Rule and Security Rule
The HIPAA Privacy Rule governs how the medical and personal information of any individual may be used, stored, accessed and shared, in any form. The HIPAA Security Rule more specifically sets national standards for protecting health data that is created, received, maintained or transmitted electronically, known as electronic protected health information (ePHI).
Hosting Data with a HIPAA Compliant Hosting Provider
If you host your data with a HIPAA compliant hosting provider, they must have certain administrative, physical and technical safeguards in place, according to the U.S. Department of Health and Human Services. The physical and technical safeguards (for example, controlled access to the data center, and access control, audit logging, integrity protection and transmission encryption for ePHI) are the ones most relevant to the services your HIPAA compliant host provides. Keep in mind that a provider that stores or transmits ePHI for you is a business associate, so a signed business associate agreement (BAA) is required, and the administrative safeguards, such as your own risk analysis, policies and workforce training, remain your responsibility.
Another act, the Health Information Technology for Economic and Clinical Health (HITECH) Act, was passed in 2009. It strengthens the enforcement of HIPAA requirements by raising the penalties for health organizations that violate the HIPAA Privacy and Security Rules, and it made business associates directly liable for complying with the Security Rule. The HITECH Act was enacted in response to developments in health technology and the increased use, storage and transmission of electronic health information.
I am sure that after the past five minutes HIPAA no longer remains an alien term to you, and the next time you read or hear about HIPAA you will understand and appreciate its significance to the health tech industry and its consumers.
Let me end with a useful insight: by 2017 the health app market is expected to reach 26 billion, the key driver being the world’s aging population with its increasing need for medical care. Healthcare companies should therefore not wait any longer but join hands with technology and make this world a healthier place with a plethora of easy to use health apps.