From the OCR Website:
We are experiencing an explosion of technology using data about the health of individuals in innovative ways to improve health outcomes. Building privacy and security protections into technology products enhances their value by providing some assurance to users that the information is safe and secure and will be used and disclosed only as approved or expected. Such protections are sometimes required by federal and state laws, including the HIPAA Privacy, Security and Breach Notification Rules.
Yet many mHealth developers are not familiar with the HIPAA Rules and how the rules would apply to their products. Use this site to help OCR understand what guidance on HIPAA regulations would be helpful to you.Please tell us: What topics should we address in guidance? What current provisions leave you scratching your heads? How should this guidance look in order to make it more understandable, more accessible? Use this page to submit your questions about HIPAA. Or present a use case. Look at what your peers are discussing, comment on it and vote on which topics or use cases would be the most helpful or important to your work.
OCR launched this platform for mobile health developers and others interested in the intersection of health information technology and HIPAA privacy and security protections. Anyone may browse the site. Users who want to submit questions, offer comments on other submissions or vote on the relevancy of the topic can register using their email addresses, but their identities and addresses are anonymous to OCR. Posting or commenting on a question on this site will not subject anyone to enforcement action.