The U.S. Department of Health and Human Services Office for Civil Rights released a new set of Health Insurance Portability and Accountability Act FAQs addressing the applicability of HIPAA to certain health apps and the covered entities and business associates that interact with them.

These FAQs build upon prior guidance from OCR that outlined the framework for evaluating whether a health app developer must comply with HIPAA, but tackle a different question — when are covered entities or business associates liable under HIPAA for the subsequent misuse of electronic protected health information by a health app developer?

To read the full article please visit