00 Table of Contents.md

Table of Contents

01 — Introduction

• 2013 Final Omnibus Rule Update
• Why this guide?
• Who is this guide for?
• Build on our work
• Questions/Feedback
• Mandatory Disclaimer

02 — What is HIPAA?

• Background
• 2013 Final Omnibus Rule Update
• The Four Rules of HIPAA
• Important Terms to Know
  • Protected Health Information
  • The Difference Between PHI and Consumer Health Information
  • Covered Entity
  • Business Associate
  • No Safe Harbor Clause

03 — Do I Need to Be HIPAA Compliant?

• Who Needs to Be HIPAA Compliant?

04 — HIPAA Security Rule

• 3 Parts to the HIPAA Security Rule
  • Administrative Safeguards
  • Technical Safeguards
    • Access Control Safeguards
    • Transmission Security
    • Audit and Integrity
  • Physical Safeguards
    • Facility Access Controls
    • Device and Media Controls
    • Workstation Security
• Required vs. Addressable Specifications

05 — Becoming HIPAA Compliant

• What Does HIPAA Require
• What it Means for Developers
• If We're Being Honest

06 — Who Certifies HIPAA Compliance

• The Short Answer
• But Texas

07 — HIPAA Fines

• Unencrypted Data
• Employee Error
• Data Stored on Devices
• Business Associates

08 — Developer Considerations

• Build vs. Buy
• Unintended Use Cases
• HIPAA Hosting and Compliance
  • Does Using HIPAA Hosting Make My Application HIPAA Compliant?
  • What Data Should Be Stored in HIPAA Compliant Hosting Environments?
  • What Makes a Hosting Environment HIPAA Compliant?
  • Network and Application Security
  • High-Availability and Redundancy
  • Required vs. Addressable HIPAA Implementation Specifications

09 — Mobile Applications

• Use Cases
• PHI in the Application
• User Communication
  • Email
  • Database/API Calls
• Push Notifications
• Physical Phone Security
  • Using the Lock Screen
  • Enabling Remote Wiping of Lost Phones

10 — Wearable Applications

• Considerations for Wearables
  • Alerts and Notifications
  • Default Displays
  • APIs and Data Sharing
  • Medical Devices
  • Data Encryption
  • Data Synching

11 — Apple HealthKit and iOS 8

• TrueVault iOS 8 SDK
• iOS 8 Health-Related Announcements
• Apple HealthKit Announcements

12 — About TrueVault

• Built for Developers Like You
• HIPAA Compliant
• BAA + Insurance
• Startups
• Mobile Apps
• Web Apps
• Wearable Health Tech Devices
• Why People Like TrueVault
• Try TrueVault for Free