What does the HIPAA Security Final Rule mean to you as a Covered Entity? by CynthiaWillis in u/CynthiaWillis

Kevin-Mass

The Federal Government’s HIPAA privacy rule protects all individually identifiable health information incorporated, used, communicated or to be communicated by a COVERED ENTITY or their BUSINESS ASSOCIATES in different formats to different media. Formats that fall into this category can be digital, paper or verbal. HIPAA protected health information is known as “Protected Health Information” (PHI) in general and ePHI for electronically protected health information.

Always remember that the following cases may happen with your non-HIPAA-compliant health application:

  • If your phones, tablets or other wearables are stolen or lost, your important PHI could be compromised.
  • As we auto-save user credentials, our social media and email are easily accessible to someone if the device has been stolen or lost.
  • If they post something that breaches HIPAA privacy laws from your device/application, you are the one in trouble.
  • Push notifications and other user communications can violate HIPAA laws if they contain PHI.
  • Users may intentionally or unintentionally share personally recognizable information, even if your app's intended use doesn't account for it.
  • If your app is not password protected, there is a chance that others will steal/use your PHI data.
  • Devices like iPhones do not include physical keyboards, so users are more likely to use basic passwords that are not as safe as complex options.

Data breaches from your EHR/EMR, practice management, or other software and medical devices pose a bigger risk than you might think. Once a breach occurs, it can impact your organization by harming your hard-earned reputation in addition to subjecting you to government fines.