HIPAA in the Real World (Part 3): Telemedicine & HIPAA

Join our Newsletter

* indicates required
Cohen Healthcare Law Logo

So, to give you an example, I have a client who is involved in a telemedicine practice. What they’re doing is they’re creating a mobile app that connects doctors with their patients. In order to do this they want to have secure HIPAA-compliant communications between the docs and the patients.  Now, in order to do that they have to hire subcontractors.

Now, let’s think about it for a minute. The person developing the telemedicine mobile app is between you, the doc, and the patient. So, they’re really a business associate of the physician, who is a covered entity.

So, you need to have a business associate agreement in place between the physician, the covered entity, and my client, who is the mobile app developer. But, the mobile app developer then has to subcontract all of the computer coding for the app to other people. It’s going to have a variety of different subcontractors. One might do the email chat. One might do a web chat. One might do some other interface when it’s going to be the host. Each of those people has to be compliant under the security rule, or liability can be transferred upstream.

So, we have to make sure that each of those persons really is doing secure coding and putting in all of the safeguards that a security rule requires.


  • I would definitely recommend. I needed direction regarding the FDA and how the rules would affect my business. Responsive, accessible, and knowledgeable.

    Richard Freedland
    Richard Freedland GRAMedical, CEO
  • Impressive credentials are only overshadowed by their clear awareness of practical strategies to help Physicians navigate modern healthcare and achieve successful outcomes.

    James Riviezzo
    James Riviezzo Practice On Your Terms

Contact Us

Book your Legal Strategy Session now
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Start typing and press Enter to search