Need for HIPAA Compliance

My firm developed a mobile application for the health care and wellness industry. Do I need to make it HIPAA compliant?

If you're developing a healthcare-focused mobile application or software for wearable devices, it's important that you understand the laws around protected health information (PHI) and HIPAA compliance. While not all healthcare applications fall under HIPAA rules, those that collect, store, or share personally identifiable health information with covered entities (such as doctors and hospitals) must be HIPAA-compliant.


My firm developed a cloud application but it does not store personal data. Do I still need to have HIPAA compliance?

No. Please remember that the onus of proving that you *really* do not store data is on you (CE). If your app is used to record and share patient information with a covered entity in any way, it must be HIPAA-compliant.

Does a data center need to be HIPAA compliant, especially if it will be hosting a healthcare-related application?

Yes, since it is hosting a healthcare application which collects, stores or transmits electronic protected health information.

If my firm wants to go for HIPAA compliance, what is the readiness required on our side?

Requirement implementation can vary from organization to organization, but as a general rule, entities are expected to complete a risk analysis, create and complete a risk management plan, conduct regular employee training, and implement updated policies and procedures.

How do we know if we're dealing with protected health information (PHI) or consumer health information?

If your device or application currently shares or will share the user's personal health data held in the app or device with a covered entity such as a doctor, then you are dealing with protected health information and need HIPAA compliance software.

If you are building a wearable device or application that collects the user's personal health information, but do not plan on sharing it with a covered entity such as a doctor at any point in time, then you do not need to be HIPAA compliant and do not violate the HIPAA Privacy Rule.

What information does Valency Networks require from the client for an audit?

Please refer to the form here, which lists all the information that needs to be gathered.

Does Valency Networks provide employee training?

On HIPAA, yes, we do, but we do not provide retail training. We provide training as part of the entire HIPAA engagement.

What devices and equipment need to be assessed by the Valency Networks assessment team?

Any equipment that transmits or stores PHI needs to be cataloged, as required by HIPAA laws. This includes hardware, software, network components, etc.

Does Valency Networks require all ePHI (electronic protected health information) user details?

Yes, we require details of all users and employees who access electronic protected health information, as part of the audit. Valency Networks does not require these for any other purpose, and we are always willing to take those details from the customer upon signing a strict, bilateral NDA (Non-Disclosure Agreement).

What should I do if I think PHI has been compromised at my organization?

Contact the HHS immediately, following the Breach Notification Rule protocols. They'll tell you what to do next.

Does Valency Networks help in developing the necessary policies and procedures?

Yes, as part of designing the HIPAA compliance framework.

What Our Customers Say?

Valency Networks is a very techie company, focusing on a continuous improvement in service quality. Our customers like us exactly for that and that helps us keep our quality to the best extent.