Contact Us

OCR Issues HIPAA FAQs on Software Apps

May 6, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Medical Devices and Wearables

The U.S. Department of Health & Human Services’ Office for Civil Rights (OCR) recently issued five new FAQs pertaining to software applications that obtain individuals’ electronic protected health information (ePHI). The FAQs describe various scenarios in which HIPAA covered entities may transmit ePHI to apps, including fitness trackers and other wearables.

In short, a covered entity that sends ePHI to an app will not be liable for unauthorized access to the PHI either in transit or after it is received by the app, unless the app was “developed for, or provided by or on behalf of the covered entity.” Further, the covered entity’s electronic health record (EHR) system developer will not be liable for unauthorized access to the ePHI unless it owns the app or has a business associate relationship with the app developer.

A covered entity may not refuse to disclose ePHI to an app because of concerns about how the app will use or disclose the ePHI. If the app will not be receiving the ePHI “on behalf of or for the benefit of” the covered entity, the covered entity and its EHR system developer need not have a business associate agreement with the app.

Share this article:
Eric D. Fader

AUTHOR

Eric D. Fader

Partner

MORE NEWS ON HIPAA

Warning: OCR HIPAA Audits Reveal Widespread Noncompliance
December 23, 2020 | Eric D. Fader | Electronic Health Records | HIPAA | Legislation and Public Policy | Litigation | Private Insurers

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently released an audit report on HIPAA...

Read More
Proposed HIPAA Modification Would Facilitate Care Coordination
December 17, 2020 | Eric D. Fader | Behavioral Health | COVID-19 | Electronic Health Records | HIPAA | Hospitals | Legislation and Public Policy | Private Insurers

A proposed rule released by the U.S. Department of Health and Human Services on December 10 would give healthcare providers...

Read More
Bogus HIPAA Claims Are Flourishing As Pandemic Worsens
December 4, 2020 | Rivkin Rounds Staff | COVID-19 | HIPAA

A recent article in Law360, “Bogus HIPAA Claims Are Flourishing As Pandemic Worsens,” discussed how the Covid-19 pandemic is fueling false...

Read More
See more posts on HIPAA See more posts on HIPAA See more posts on HIPAA See more posts on HIPAA
Authors
show more
ARCHIVES
December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018
Authors
show more
ARCHIVES
December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018

Get legal updates and news delivered to your inbox

Attorney Advertising. Prior results do not guarantee a similar outcome.
Privacy Policy | Terms of Use | DMCA
© 2023 Rivkin Radler LLP. All Rights Reserved.