By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
    Health
    Healthcare organizations are operating on slimmer profit margins than ever. One report in August showed that they are even lower than the beginning of the…
    Show More
    Top News
    An Expert’s Guide To Building and Improving Endurance
    June 30, 2022
    medical assistants
    What Do Medical Assistants Do On a Day to Day Basis?
    April 5, 2022
    superfoods to help with prostate health
    10 Healthy Foods That Can Help Protect Your Prostate
    August 29, 2022
    Latest News
    Why Custom Telemedicine Apps Outperform Off‑the‑Shelf Solutions
    July 20, 2025
    How Probate Planning Shapes the Future of Your Estate and Family Care
    July 17, 2025
    Beyond Nutrition: Everyday Foods That Support Whole-Body Health
    June 15, 2025
    The Wide-Ranging Benefits of Magnesium Supplements
    June 11, 2025
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
    Policy and Law
    Get the latest updates about Insurance policies and Laws in the Healthcare industry for different geographical locations.
    Show More
    Top News
    pfizer and clinical data transparency
    Pfizer to Expand Clinical Trial Data Access, Takes Step Toward Transparency
    December 6, 2013
    Improving Healthcare Services And Management Through Tech Integration
    June 9, 2020
    obamacare and the uninsured
    Why Hospitals Are Still Gouging the Uninsured
    January 7, 2014
    Latest News
    How IT and Marketing Teams Can Collaborate to Protect Patient Trust
    July 17, 2025
    How Health Choices and Legal Actions Intersect After an Injury
    July 17, 2025
    How communities and healthcare providers can address slip and fall injuries with legal awareness
    July 17, 2025
    Let Your Lawyer Handle the Work Before You Pay Medical Costs
    July 6, 2025
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: What Developers Need to Know About HIPAA Compliance in Wearable Tech
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Technology > Medical Devices > What Developers Need to Know About HIPAA Compliance in Wearable Tech
BusinesseHealthMedical DevicesMobile HealthPolicy & LawTechnology

What Developers Need to Know About HIPAA Compliance in Wearable Tech

morgan_truevault
morgan_truevault
Share
10 Min Read
wearable tech and HIPAA compliance
SHARE

With dozens of products already on the market and more on the way, it’s clear that wearable tech is only going to grow in popularity with consumers. From Fitbit to Jawbone Up, Nike Fuel Band and more, these devices are tracking more consumer health data than ever.

Contents
What Is HIPAA?HIPAA Privacy RequirementsUnderstanding Protected Health InformationConsentAdditional Reading:

With dozens of products already on the market and more on the way, it’s clear that wearable tech is only going to grow in popularity with consumers. From Fitbit to Jawbone Up, Nike Fuel Band and more, these devices are tracking more consumer health data than ever. While popular wearables are tracking steps and calories today, it’s likely that they will track things like hydration, heart rate and more in the next few months—especially if rumors about Apple’s Healthbook are true.

wearable tech and HIPAA complianceIt’s no surprise then that consumers and healthcare professionals alike see the potential in sharing this data with one another in order to better manage patient care. With constant collection and the ability to connect and share information via Bluetooth or via the Web to other systems, wearables promise an infinitely easier way to monitor patients than the current state of patient journaling in activity logs.

However, there’s a big gap in the legal requirements between health data collected for a consumer’s personal use and that used as part of a relationship with a HIPAA covered entity such as a doctor. Consumer health data stored on a device for a consumer’s personal use isn’t subject to HIPAA compliance rules; but as soon as that information is potentially part of an exchange with a doctor or other healthcare provider, the data on the device and stored as part of your application fall under HIPAA regulations.

More Read

Top 5 Advantages Of A Heart Rate Monitor – For Workouts And Daily Life
The Doctor Will Skype You Now: Changing How We Go to the Doctor
Mobile Health Around the Globe: Bringing Telemedicine to Remote Areas in Latin America
Stop Worrying About Your Lifespan – Your Healthspan Really Matters
Negotiation Strategies For Hospitals And Doctors To Implement

If you’re building software for wearable tech and plan to make sharing that data with healthcare providers possible, it’s essential that you understand HIPAA laws in order to ensure compliance before bringing that app or product to market.

What Is HIPAA?

HIPAA stands for the Federal Health Insurance Portability and Accountability Act of 1996. The purpose of this law, according to the United States Department of Health and Human Services, is to ensure confidentiality of all healthcare information, to help ensure people are able to get and keep insurance, and to keep spending for administrative costs under control.

The main thing that developers need to understand is the security portion of these laws, because information potentially transmitted by your application to a covered entity such as a doctor or insurance provider is covered by HIPAA.

In January 2013, HIPAA was updated via the Final Omnibus Rule. Within this update, there are two things that affect developers of wearable tech and various mobile devices directly:

  • The first is that software developers who build applications that track, store and share healthcare information with covered entities are now required to be HIPAA compliant and meet the standards laid out in the HIPAA Security Rule, which includes the Administrative, Technical and Physical Safeguard requirements for health-related data.

  • The second is a change in the definition of a privacy breach. According to this new addendum, it is up to business associates (any party that handles private health information) such as an application developer, hosting provider, or a company like TrueVault, to determine whether or not something actually has to be reported as a breach. For example, if a wearable containing healthcare data was hacked, healthcare information that was exposed in the hack would require the reporting of a breach. However, if a device is hacked but the information stored on the device is not decrypted, then there would be no breach violation.

Due to the heavy fines and other sanctions allowed under HIPAA—and the simple fact that a person’s personal health information should remain private and secure—understanding the requirements of the Security Rules is crucial to ensure HIPAA compliance for the applications you develop for any wearable.

HIPAA Privacy Requirements

Before you start building, you want to have a good handle on what does and does not constitute HIPAA compliance in your technical and physical safeguards. For example, HIPAA compliant hosting will satisfy physical safeguards but not technical safeguard requirements. Noncompliance on these laws can come with up to $50,000 in penalties depending on the amount of privacy (aka data) that was lost.

The privacy details that developers need to always use include the following:

  • All data should be protected by passwords and user authentication methods.
  • Encryption must be used to protect data.
  • There must be a way to remotely wipe or disable the data.
  • File sharing should not be included on the device.
  • Firewalls should always be put in place and enabled properly.
  • All devices should have security software that is regularly updated.

You can learn more about the specific requirements for each element in this checklist for HIPAA compliance for developers.

Understanding Protected Health Information

Certain health details are considered protected health information (PHI), while other data collected by wearables is not considered covered by HIPAA. Things like number of heartbeats in a given time, number of steps a person takes, or a person’s sleep history are not technically considered PHI and would not fall under the parameters of HIPAA. However, and this is where it can get confusing, if the data is transferred in any way to a medical professional, including hospitals, doctors, and 3rd party companies in the course of providing a healthcare service, such as a diagnosis or treatment, then it automatically is covered by HIPAA because it is then considered a part of the patient’s health records. Of course, any of the wearable tech used specifically in the medical field to monitor patients is most certainly covered by HIPAA laws.

Consent

Most wearable tech at this time doesn’t even acknowledge HIPAA. However, as these devices become more popular, the demand to use this information in patient health management will increase. If you’re developing for wearable technology and your software and the data collected have a realistic potential of becoming part of the patient record you want to decide upfront if you should develop in a HIPAA compliant environment.

One additional thing to consider, a consent of some type might make sense during the first installation or use of your app. The consent simply needs to state that the user of the wearable tech is giving full consent for the data recorded by the device to someone else. This way, the software developer has a record of the user opting in to providing this data as part of using the software.

As wearable tech becomes more popular, there is a good chance that the US Department of Health and Human Services, as well as governing entities in Canada and the UK, will start issuing more guidance around the collection and sharing of wearable-collected data to ensure it conforms to the privacy and protection standards outlined in the HIPAA rules.

A HIPAA violation can come with a high price tag, so it’s critical that as a developer you work with your product team to determine whether you need to be HIPAA compliant or not, and then implement the proper administrative, technical and physical safeguards to comply with the law if you ultimately decide that you do.

Of course, if you use TrueVault as part of your build, we take care of the technical and physical safeguard requirements for you, enabling you to check those boxes and get on with the development of your software.

Additional Reading:

US Department of Health and Human Services, http://www.hhs.gov/ocr/privacy/

Why the New HIPAA Is Good for Mobile Health Developers, http://mobihealthnews.com/25889/why-the-new-hipaa-is-good-for-mobile-health-developers/

Rutgers Computer and Technology Law Journal, “New Technologies Potentially Raise HIPAA concerns.”http://www.rctlj.org/2013/02/new-technologies-potentially-raise-hipaa-concerns/

(HIPAA and wearable tech / shutterstock)

TAGGED:HIPAApatient dataPrivacywearable tech
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

botox certification
Help Improve People’s Skin Health Via Botox Certification
Skin Specialties
July 22, 2025
Telemedicine Apps
Why Custom Telemedicine Apps Outperform Off‑the‑Shelf Solutions
Health
July 20, 2025
Grounded Healing: A Natural Ally for Sustainable Healthcare Systems
How IT and Marketing Teams Can Collaborate to Protect Patient Trust
Global Healthcare Policy & Law
July 17, 2025
paramedics in surgical gloves and masks
How Health Choices and Legal Actions Intersect After an Injury
Health care
July 16, 2025

You Might also Like

meditation app development
Technology

Developing Meditations Apps to Fight the Mental Health Crisis

August 9, 2023

Why This Lawyer Won’t Sue Me

July 3, 2011
elder care
Home HealthTechnology

Robots Caring for the Elderly?

May 24, 2013
Health careWellness

How Your Job Can Impact Your Health

December 11, 2018
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?