Question: Our clinicians are using more and more apps for a variety of reasons, including clinical decision-making and prescribing. How can we know which apps must comply with HIPAA and which don’t need to?
Answer: Whether a software application must comply with HIPAA or other federal privacy laws depends on a myriad of factors. Thankfully, you now have a user-friendly tool to help you find the answer.
“Apps are great. They can help with delivering treatment far more efficiently,” said Mary Beth Gettins of Gettins’ Law in an April 22 blog posting. Apps can improve quality of care, communication with patients, education, and tracking and monitoring illnesses.
“However, all the information that we are importing, accessing, and storing is sensitive information,” Gettins noted. “And, at the end of the day, you don’t want it falling in the wrong hands or being used to the patient’s detriment.”
The Federal Trade Commission (FTC) recently designed a new “litmus test” to pinpoint which apps must comply with HIPAA guidelines simply by answering the following 10 questions (see www.ftc.gov/tips-advice/business-center/guidance/mobile-health-apps-interactive-tool):