New portal to clear up HIPAA regs for mobile developers

A new online portal is designed to help mobile health technology developers better understand HIPAA privacy and security issues. 

The Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) established the portal in response to calls from legislators. In September 2014, Reps. Tom Marino (R-Pa.) and Peter DeFazio (D-Ore.) wrote to HHS Secretary Sylvia Mathews Burwell urging the agency to clarify and update HIPAA regulations for mobile application developers.

The letter asks federal officials to clarify HIPAA obligations for services storing data on the cloud; offer implementation standards through OCR; recruit employees who can work with startups to produce HIPAA-compliant products; and update the steps vendors must take to comply with HIPAA.

OCR said the platform will help the agency better determine where to focus its guidance for developers, especially those involved in mobile health technology.

Anyone can browse the site and visitors also can register with the website. User identities and email addresses will be anonymous to OCR. Registered users have the ability to offer comments on other submissions, submit questions and vote on the relevancy of topics.

OCR noted that posting or commenting on a question will not result in enforcement action.

"We are experiencing an explosion of technology using data about the health of individuals in innovative ways to improve health outcomes," OCR said in an announcement. "Building privacy and security protections into technology products enhances their value by providing some assurance to users that the information is safe and secure and will be used and disclosed only as approved or expected. ... Yet many mHealth developers are not familiar with the HIPAA rules and how the rules would apply to their products."

The platform is a step in the right direction, according to ACT | The App Association, which urged Congress last year to press HHS for more clarity. While mobile connectivity "is poised to revolutionize healthcare by giving individuals greater access to their own health information and improving patient outcomes," said ACT Executive Director Morgan Reed. "Unfortunately, a major obstacle to realizing the benefits of mobile health technology has been uncertainty around HIPAA. We pledge to work with OCR to get resolution in these areas and to make this resource work best for companies committed to helping us live healthier through mobile technology."

Beth Walsh,

Editor

Editor Beth earned a bachelor’s degree in journalism and master’s in health communication. She has worked in hospital, academic and publishing settings over the past 20 years. Beth joined TriMed in 2005, as editor of CMIO and Clinical Innovation + Technology. When not covering all things related to health IT, she spends time with her husband and three children.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.