SlideShare a Scribd company logo
1 of 4
Download to read offline
Analysis of the HIPAA Privacy and Security
 Rules and Their Implications for Mobile
         Health Care Applications




                                           Matt Mendrala
                              Architecture & Mobile Strategy




DISTRIBUTION STATEMENT: Distribution authorized Aspenware Internet Solutions. Other requests for this document
               shall be referred to the author via e-mail address: m.mendrala@aspenware.com.




                                                                                                                 1
Executive Summary

This report analyzes the implications of the HIPAA rules for mobile health care
applications and recommends next steps for developing an end-to-end
architecture that will ensure HIPAA compliance for mobile health care
applications. We believe that a mobile-ready HIPAA-compliant architecture would
create significant opportunities to serve the health care industry as it continues to
embrace mobile applications as a means to save money and improve patient
care.


Background

The Health Insurance and Portability Act of 1996 (HIPAA), which became
effective on April 14, 2001, establishes a set of rules and regulations for
safeguarding individually identifiable health information. HIPAA compliance is a
major concern for health care providers and their affiliates. The Health
Information Technology for Economic and Clinical Health (HITECH) Act, enacted
as part of the American Recovery and Reinvestment Act of 2009, and the Patient
Protection and Affordable Care Act of 2010, which mandates standardized billing
and requires health plans to begin adopting and implementing rules for the
secure, confidential, electronic exchange of health information, have put
additional pressure on health Care providers and their affiliates to ensure that
they are HIPAA compliant.

When HIPAA was passed, the dot-com boom was just getting under way and
smartphones had not yet been invented. Today, people routinely access personal
information online using their computers and smartphones and the health Care
industry has started to embrace electronic billing and medical records as a way to
reduce costs and improve quality of care. Healthcare providers are also starting
to embrace mobile as a channel for providing health care services. These trends
will continue to put pressure on health Care providers and their affiliates to
ensure HIPAA compliance. This is expected to increase demand for HIPAA-
complaint IT infrastructure and services to support the transition to electronic
billing and medical records and a myriad of online and mobile health Care
applications.

We have analyzed the implications of the HIPAA rules for mobile applications.
The results of this analysis are presented in the next section. The last section of
this report recommends next steps to move forward with development of a
mobile-ready, end-to-end, HIPAA-compliant architecture.




                                                                                      2
Go To engage.aspenware.com/mobilehealth
      to download the entire report.
                                           Or contact us at:

                                    j.fellows@aspenware.com

                                             303.798.5458




DISTRIBUTION STATEMENT: Distribution authorized Aspenware Internet Solutions. Other requests for this document
               shall be referred to the author via e-mail address: m.mendrala@aspenware.co



                                                                                                                 3
4

More Related Content

More from Aspenware

Taking the Share out of Sharepoint: SharePoint Application Security.
Taking the Share out of Sharepoint: SharePoint Application Security.Taking the Share out of Sharepoint: SharePoint Application Security.
Taking the Share out of Sharepoint: SharePoint Application Security.Aspenware
 
Implementing Scrum with Microsoft Team Foundation Service (TFS)
Implementing Scrum with Microsoft Team Foundation Service (TFS)Implementing Scrum with Microsoft Team Foundation Service (TFS)
Implementing Scrum with Microsoft Team Foundation Service (TFS)Aspenware
 
Implementing Scrum with Microsoft Team Foundation Service (TFS)
Implementing Scrum with Microsoft Team Foundation Service (TFS)Implementing Scrum with Microsoft Team Foundation Service (TFS)
Implementing Scrum with Microsoft Team Foundation Service (TFS)Aspenware
 
Building a Windows Store App for SharePoint 2013
Building a Windows Store App for SharePoint 2013Building a Windows Store App for SharePoint 2013
Building a Windows Store App for SharePoint 2013Aspenware
 
Aspenware TechMunch presents: mobile communities of interest
Aspenware TechMunch presents: mobile communities of interestAspenware TechMunch presents: mobile communities of interest
Aspenware TechMunch presents: mobile communities of interestAspenware
 
Hate JavaScript? Try TypeScript.
Hate JavaScript? Try TypeScript.Hate JavaScript? Try TypeScript.
Hate JavaScript? Try TypeScript.Aspenware
 
Understanding Game Mechanics
Understanding Game MechanicsUnderstanding Game Mechanics
Understanding Game MechanicsAspenware
 
What people are saying about working with Aspenware.
What people are saying about working with Aspenware.What people are saying about working with Aspenware.
What people are saying about working with Aspenware.Aspenware
 
Aspenware Customer Labs lift line experience
Aspenware Customer Labs lift line experienceAspenware Customer Labs lift line experience
Aspenware Customer Labs lift line experienceAspenware
 
Aspenware 2013 consulting program
Aspenware 2013 consulting programAspenware 2013 consulting program
Aspenware 2013 consulting programAspenware
 
On Culture and Perks
On Culture and PerksOn Culture and Perks
On Culture and PerksAspenware
 
Maintaining Culture and Staying True to Your Values in Times of Change: Tye E...
Maintaining Culture and Staying True to Your Values in Times of Change: Tye E...Maintaining Culture and Staying True to Your Values in Times of Change: Tye E...
Maintaining Culture and Staying True to Your Values in Times of Change: Tye E...Aspenware
 
Fast multi touch enabled web sites
Fast multi touch enabled web sitesFast multi touch enabled web sites
Fast multi touch enabled web sitesAspenware
 
Business considerations for node.js applications
Business considerations for node.js applicationsBusiness considerations for node.js applications
Business considerations for node.js applicationsAspenware
 
Restful web services with nodejs
Restful web services with nodejsRestful web services with nodejs
Restful web services with nodejsAspenware
 

More from Aspenware (15)

Taking the Share out of Sharepoint: SharePoint Application Security.
Taking the Share out of Sharepoint: SharePoint Application Security.Taking the Share out of Sharepoint: SharePoint Application Security.
Taking the Share out of Sharepoint: SharePoint Application Security.
 
Implementing Scrum with Microsoft Team Foundation Service (TFS)
Implementing Scrum with Microsoft Team Foundation Service (TFS)Implementing Scrum with Microsoft Team Foundation Service (TFS)
Implementing Scrum with Microsoft Team Foundation Service (TFS)
 
Implementing Scrum with Microsoft Team Foundation Service (TFS)
Implementing Scrum with Microsoft Team Foundation Service (TFS)Implementing Scrum with Microsoft Team Foundation Service (TFS)
Implementing Scrum with Microsoft Team Foundation Service (TFS)
 
Building a Windows Store App for SharePoint 2013
Building a Windows Store App for SharePoint 2013Building a Windows Store App for SharePoint 2013
Building a Windows Store App for SharePoint 2013
 
Aspenware TechMunch presents: mobile communities of interest
Aspenware TechMunch presents: mobile communities of interestAspenware TechMunch presents: mobile communities of interest
Aspenware TechMunch presents: mobile communities of interest
 
Hate JavaScript? Try TypeScript.
Hate JavaScript? Try TypeScript.Hate JavaScript? Try TypeScript.
Hate JavaScript? Try TypeScript.
 
Understanding Game Mechanics
Understanding Game MechanicsUnderstanding Game Mechanics
Understanding Game Mechanics
 
What people are saying about working with Aspenware.
What people are saying about working with Aspenware.What people are saying about working with Aspenware.
What people are saying about working with Aspenware.
 
Aspenware Customer Labs lift line experience
Aspenware Customer Labs lift line experienceAspenware Customer Labs lift line experience
Aspenware Customer Labs lift line experience
 
Aspenware 2013 consulting program
Aspenware 2013 consulting programAspenware 2013 consulting program
Aspenware 2013 consulting program
 
On Culture and Perks
On Culture and PerksOn Culture and Perks
On Culture and Perks
 
Maintaining Culture and Staying True to Your Values in Times of Change: Tye E...
Maintaining Culture and Staying True to Your Values in Times of Change: Tye E...Maintaining Culture and Staying True to Your Values in Times of Change: Tye E...
Maintaining Culture and Staying True to Your Values in Times of Change: Tye E...
 
Fast multi touch enabled web sites
Fast multi touch enabled web sitesFast multi touch enabled web sites
Fast multi touch enabled web sites
 
Business considerations for node.js applications
Business considerations for node.js applicationsBusiness considerations for node.js applications
Business considerations for node.js applications
 
Restful web services with nodejs
Restful web services with nodejsRestful web services with nodejs
Restful web services with nodejs
 

Recently uploaded

Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServiceRenan Moreira de Oliveira
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdfJamie (Taka) Wang
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 

Recently uploaded (20)

Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 

ABSTRACT: Analysis of the hipaa privacy and security rules and their implications for mobile health care applications

  • 1. Analysis of the HIPAA Privacy and Security Rules and Their Implications for Mobile Health Care Applications Matt Mendrala Architecture & Mobile Strategy DISTRIBUTION STATEMENT: Distribution authorized Aspenware Internet Solutions. Other requests for this document shall be referred to the author via e-mail address: m.mendrala@aspenware.com. 1
  • 2. Executive Summary This report analyzes the implications of the HIPAA rules for mobile health care applications and recommends next steps for developing an end-to-end architecture that will ensure HIPAA compliance for mobile health care applications. We believe that a mobile-ready HIPAA-compliant architecture would create significant opportunities to serve the health care industry as it continues to embrace mobile applications as a means to save money and improve patient care. Background The Health Insurance and Portability Act of 1996 (HIPAA), which became effective on April 14, 2001, establishes a set of rules and regulations for safeguarding individually identifiable health information. HIPAA compliance is a major concern for health care providers and their affiliates. The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, and the Patient Protection and Affordable Care Act of 2010, which mandates standardized billing and requires health plans to begin adopting and implementing rules for the secure, confidential, electronic exchange of health information, have put additional pressure on health Care providers and their affiliates to ensure that they are HIPAA compliant. When HIPAA was passed, the dot-com boom was just getting under way and smartphones had not yet been invented. Today, people routinely access personal information online using their computers and smartphones and the health Care industry has started to embrace electronic billing and medical records as a way to reduce costs and improve quality of care. Healthcare providers are also starting to embrace mobile as a channel for providing health care services. These trends will continue to put pressure on health Care providers and their affiliates to ensure HIPAA compliance. This is expected to increase demand for HIPAA- complaint IT infrastructure and services to support the transition to electronic billing and medical records and a myriad of online and mobile health Care applications. We have analyzed the implications of the HIPAA rules for mobile applications. The results of this analysis are presented in the next section. The last section of this report recommends next steps to move forward with development of a mobile-ready, end-to-end, HIPAA-compliant architecture. 2
  • 3. Go To engage.aspenware.com/mobilehealth to download the entire report. Or contact us at: j.fellows@aspenware.com 303.798.5458 DISTRIBUTION STATEMENT: Distribution authorized Aspenware Internet Solutions. Other requests for this document shall be referred to the author via e-mail address: m.mendrala@aspenware.co 3
  • 4. 4