We’ve written about HIPAA related to medical apps several times on iMedicalApps. We recently wrote a clinician’s guide to HIPAA and security in medical design. In a sign of how confusing health privacy is related to medical apps, The Department of Health and Human Services recently issued new guidance and created a website just to deal with HIPAA related to medical apps.
Apple has now listed a job posting for a lawyer with significant experience related to HIPAA and health privacy laws. The part of the job responsibilities most interesting to me: “privacy by design reviews and projects” and “assist with privacy complaints and breaches”.
I think these two focuses are largely related to Apple’s ResearchKit and CareKit platforms. There are now more than 15 academic institutions that have developed ResearchKit apps with medical studies currently underway. Even though the CareKit platform was just recently launched, several CareKit apps have already launched. CareKit apps are uniquely different from ResearchKit as they collect personal data that can be shared directly with physicians, nurses, and family members — having rigorous privacy measures in place is critical for this.
The hard thing about hiring a HIPAA specialist for medical apps is the laws themselves are confusing and ever changing. Personally I’d like to see both Apple and Google focus more on cleaning up their health and medical sections from apps that have the potential to harm patients.