HIPAA Software Certification: Should Application Developers Get HIPAA-Certified?

Is it a good idea for a software developer to get certified for HIPAA? Not necessarily. However, if you want to take advantage of the astronomical growth that healthcare will experience through the end of the decade, then you might want to look into it. Five obstacles that you will encounter are discussed below.

• Would You Like Some Money?
• Realize that HIPAA Certification Isn’t Everything
• An Apple a Day Doesn’t Keep the Regulator Away
• Five Obstacles in Getting HIPAA Certifications
• How To Get HIPAA-Certified & Stay Compliant

Would You Like Some Money?

Many freelance developers, entrepreneurs, and tech companies get interested in tapping into the potential of the American healthcare market. It may sound like a very specific, niche focus, but consider this for a moment: Research and Markets estimates that the healthcare industry will grow 9% CAGR through 2020.

Well, after all, the baby boomers are getting older. If you don’t know about that demographic, those are the individuals who were born at a time of many US births, a stretch that followed World War II (1946 to 1964). In 2015, that population ranges in age from 51 to 69. Look at that simple fact, and you can understand why health IT is growing so rapidly.

Here’s another thing to consider: it’s not just a matter of how many people will be accessing healthcare but how many people will themselves be using technology. Does a substantial proportion of senior citizens use technology? one might reasonably wonder. The short answer is yes, and that is a recent development. Look at these stats from Pew Internet – just to get a sense of how much the first baby boomers are turning toward technology:

Percentage of online American adults aged 65+ using key social network sites:

	2013	2014
Facebook	45%	56%
Twitter	5%	10%
Instagram	1%	6%
Pinterest	9%	17%
LinkedIn	13%	21%

It may look small, but it’s trending upward fast. Just watch what happens with the 2015 and 2016 percentages, once those stats are available. That number will just keep rising. The senior population is gradually becoming more and more tech-savvy.

Realize that HIPAA Software Certification Isn’t Everything

If you decide you do want to get HIPAA-certified, though, it’s useful to realize that although certification can itself be complex, a HIPAA certification test isn’t the same thing as compliance. In order to keep yourself financially safe working in the healthcare market, you should consider that your exact role is defined within the code of the HHS Office for Civil Rights, the agency that creates regulations and enforces the Health Insurance Portability and Accountability Act of 1996 (HIPAA): business associate. Business associates must be compliant with HIPAA.

What is HIPAA certification? Let’s pause for a moment and discuss exactly what this term means. It means you are getting certified through a third-party organization (and the exact organization matters since it should be impartial and credible) to meet certain standards in safeguarding the protected health information (PHI) processed by you or your company.

You need to be ready to be a business associate, meaning that you are maintaining the compliance of all data, in alignment with established standards, to meet the rigorous demands that have been established for PHI. If that sentence sounds like a mouthful, you should be prepared for that, essentially meeting the legalese demands of fine print. After all, that is what it truly means to be HIPAA-compliant – except to the extent that you entrust third parties (such as Atlantic.Net) with your core technologies.

An Apple a Day Doesn’t Keep the Regulator Away

Apple has interested developers with its HealthKit offering, which will integrate personal information and health record information, using health apps to serve as a connection between all parties.

Although this sounds somewhat interesting, the platform is essentially dead in the water, according to health IT chief executive Dr. Michelle Longmire, who thinks that Apple purposely kept the potentials of the environment small enough that it wouldn’t be pegged for HIPAA violations and fines itself.

“If HealthKit was to do more, it might invite regulatory scrutiny of iPhones,” she said. “Apple is making far too much money selling devices and doesn’t want to slow down its development schedule. So it’s highly unlikely Apple will play a role in connecting HealthKit data to the healthcare system.”

Five Obstacles in Getting HIPAA Software Certifications

For those wondering how to become HIPAA-certified, HIT Consultant advised considering these five issues that you might encounter (just so that you understand it isn’t entirely simple):

1. You need two sets of strengths. “Becoming HIPAA compliant requires a combination of technical infrastructure and administrative protocols and procedures,” said HIT Consultant.
2. It is a profitable niche market because relatively few people understand the landscape.
3. It could take as many as 16 to 24 months of work to develop an app that’s healthcare-compliant.
4. You need for compliance to be scalable.
5. Is it worth the effort?

How To Get HIPAA-Certified & Stay Compliant

Certification is accomplished through a legitimate, independent, objective third party. If you want to take it up a notch, you can get healthcare auditing, as we have.

If you are a developer and want to get HIPAA-certified, that could be a great idea. However, that doesn’t mean you want to have to handle the technology’s infrastructure yourself.

Get HIPAA certification if it makes sense to you. Just remember that certification isn’t compliance, and it will always makes sense to work with a HIPAA Hosting Provider that provides a HIPAA-certified infrastructure within an SSAE-16-audited certification.   Our servers are all SSD Cloud Servers offering 100% uptime and redundant backup!

By Moazzam Adnan