Comment by otterley

Comment by otterley 3 months ago

The site might be deemed a Business Associate, depending on the specific facts, which we don't fully possess. That's why I recommended the owner seek counsel.

roegerle 3 months ago

A business associate to who? The user?

Reply View 5 replies

bagels 3 months ago

A covered entity (eg. doctor, nurse, etc.)

Reply View | 4 replies
- yunwal 3 months ago
  
  How could this app possibly be considered a business associate to a provider? The provider has no idea it’s even being used, let alone a formal association with the application.
  
  Reply View | 3 replies
  
  bagels 3 months ago
  
  "Kate's App is a tool created to support medical caregivers"
  The landing page doesn't make it clear whether providers are expected to use it or not.
  
  Reply View | 0 replies
  
  otterley 3 months ago
  
  Look up the definition of “provider” in HIPAA’s text. The definition is extremely broad and doesn’t just cover doctors and pharmacists.
  
  Reply View | 1 reply
  
  yunwal 3 months ago
  
  It’s not really that broad. It amounts to medical professionals (doctors, nurses, etc.), insurers, and any systems they use to store or process data. If the medical professional or insurer is not using the app, and the app has not signed a BAA with them, then it’s not covered under HIPAA.
  https://www.hhs.gov/hipaa/for-professionals/covered-entities...
  
  Reply View | 0 replies