App Privacy and SecurityThere are now over 165,000 medical and health apps on the market, with developers ranging from solo developers to multi-billion dollar pharmaceutical companies. And the Office of Civil Rights is launching a new Q&A site to help developers new to healthcare understand more of the unique rules in this space – HIPAA.

Part of the reason that there are so many health apps is that the barrier to entry is incredibly low. With some relatively basic programming knowledge and $100, you can get an app onto the market. That also means that there are a lot of folks entering this space who aren’t familiar with some of its peculiarities like HIPAA. That doesn’t mean they shouldn’t be trying their hand at trying to address some of these health needs; getting some fresh perspectives on how we deliver health could be really valuable.

One of the most vexing and challenging issues to deal with in this space is HIPAA. Developers, even those with extensive experience in other industries, may not be familiar with the rules covering protected health information (PHI).

To help with that challenge, the Office of Civil Rights (OCR) plans on developing more detailed guidance for health apps. To start, they’ve launched a Q&A site where developers can post questions and get answers from the digital health community. OCR officials will post answers in the form of links to existing sites that are relevant to posted questions. They will also use posted questions to inform the development of the planned guidance document for developers of health apps on how HIPAA & other healthcare rules apply in the digital health space.

As they put it:

“Use this site to help OCR understand what guidance on HIPAA regulations would be helpful to you. Please tell us: What topics should we address in guidance? What current provisions leave you scratching your heads? How should this guidance look in order to make it more understandable, more accessible? Use this page to submit your questions about HIPAA. Or present a use case. Look at what your peers are discussing, comment on it and vote on which topics or use cases would be the most helpful or important to your work”.

Right now, there are a lot of questions but few answers. Hopefully, as this site gains more traction, we’ll start seeing more experienced developers or experts in HIPAA start to engage here. There’s certainly potential here to develop a powerful & relevant community resource that can help make those fresh perspectives more impactful.