Health apps and HIPAA: under what circumstances is health data protected health information?

June 17, 2014

As the market for wearables (and their accompanying apps) that collect serious health data (like blood sugar levels) grows, so do concerns over personal data security and privacy. This evolution of wearables and health data raises the question: under what circumstances does the health data collected by consumer devices and apps become “protected health information (PHI)” regulated under the Health Insurance Portability and Accountability Act (HIPAA)?

Adam Greene, a partner in the Health IT/HIPAA practice at Washington DC law firm Davis Wright Tremaine, spoke to Venture Beat, explaining that “right now, there’s a big distinction between apps that were created for use by healthcare providers and apps that were intended for use by consumers… it’s certainly something that the health companies have to be aware of, but in general HIPAA doesn’t apply to consumer data.” However, this may not be the case for long. As the next generation of consumer apps begins transmitting patient data to the cloud, where health care providers will be able to access it and thus provide the consumer with health advice based on the information gained from his or her app, HIPAA regulations will come into effect. Jason Wang, founder and CEO of TrueVault, an API that readies health apps for HIPAA compliance, says “consumers want to be able to share their health data with their doctor and have him or her send back feedback like ‘you need to run more’ or ‘you need to eat less’… [but] any information that’s used in the course of a healthcare service is protected health information and needs to be HIPAA compliant.”


