HIPPA Compliance
98 views
Skip to first unread message
Steven Kassakian
May 9, 2016, 1:19:58 PM5/9/16
to Cerner FHIR Developers
I am curious what others are thinking about how to maintain compliance with Hippa in deploying fhir based apps.
My application requires phi to do it's analytics. It doesn't store any phi it only returns results to the user ehr.
I am curious if my software company will need to be a business associate of each covered entity which uses our software and also we need to develop all the other policies surrounding hipaa.
Any experience on the topic?
Thanks, Steve
My application requires phi to do it's analytics. It doesn't store any phi it only returns results to the user ehr.
I am curious if my software company will need to be a business associate of each covered entity which uses our software and also we need to develop all the other policies surrounding hipaa.
Any experience on the topic?
Thanks, Steve
Andrew Torres
May 9, 2016, 1:53:20 PM5/9/16
to Cerner FHIR Developers
Steve,
This is a great question! The office for civil rights has provided some guidance on the subject[1][2]. The second link currently is not working, but the first gives a summary of what the link provided in the past. You should consult with this and understand when a BAA is required. I would review this documentation for clarity.
Thanks,
Drew
Reply all
Reply to author
Forward
0 new messages