{"id":6796,"date":"2020-01-21T12:25:21","date_gmt":"2020-01-21T12:25:21","guid":{"rendered":"https:\/\/www.kolabtree.com\/blog\/?p=6796"},"modified":"2020-04-21T13:48:27","modified_gmt":"2020-04-21T13:48:27","slug":"ensuring-your-medtech-is-hipaa-compliant-what-to-know","status":"publish","type":"post","link":"https:\/\/www.kolabtree.com\/blog\/ensuring-your-medtech-is-hipaa-compliant-what-to-know\/","title":{"rendered":"Ensuring Your MedTech Is HIPAA Compliant: What to Know"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_45_1 counter-flat ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" area-label=\"ez-toc-toggle-icon-1\"><label for=\"item-69f24f84c29d7\" aria-label=\"Table of Content\"><span style=\"display: flex;align-items: center;width: 35px;height: 30px;justify-content: center;direction:ltr;\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/label><input  type=\"checkbox\" id=\"item-69f24f84c29d7\"><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.kolabtree.com\/blog\/ensuring-your-medtech-is-hipaa-compliant-what-to-know\/#Why_Is_HIPAA_Compliance_Essential_in_MedTech\" title=\"Why Is HIPAA Compliance Essential in MedTech?\">Why Is HIPAA Compliance Essential in MedTech?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.kolabtree.com\/blog\/ensuring-your-medtech-is-hipaa-compliant-what-to-know\/#1_Data_Backups_Must_Be_Complete_and_Encrypted\" title=\"1. Data Backups Must Be Complete and Encrypted\">1. Data Backups Must Be Complete and Encrypted<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.kolabtree.com\/blog\/ensuring-your-medtech-is-hipaa-compliant-what-to-know\/#2_Communication_Channels_Must_Be_Secured\" title=\"2. Communication Channels Must Be Secured\">2. Communication Channels Must Be Secured<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.kolabtree.com\/blog\/ensuring-your-medtech-is-hipaa-compliant-what-to-know\/#3_Health_Care_Entities_Must_Perform_Comprehensive_Risk_Analyses\" title=\"3. Health Care Entities Must Perform Comprehensive Risk Analyses\">3. Health Care Entities Must Perform Comprehensive Risk Analyses<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.kolabtree.com\/blog\/ensuring-your-medtech-is-hipaa-compliant-what-to-know\/#Compliant_Medical_Services_Providers_for_a_Healthier_Future\" title=\"Compliant Medical Services Providers for a Healthier Future\">Compliant Medical Services Providers for a Healthier Future<\/a><\/li><\/ul><\/nav><\/div>\n<p><em>Freelance tech writer Kayla Matthews discusses how to make sure your medtech product is <a href=\"https:\/\/www.kolabtree.com\/find-an-expert?search=hipaa&amp;utm_source=Blog&amp;utm_medium=Post&amp;utm_campaign=HIPAA\">HIPAA complian<\/a>t.\u00a0<\/em><\/p>\n<p><span style=\"font-weight: 400;\">Rendering competent and high-quality aid to those in need is the top priority in the health care sector. These days, data security and integrity comes in at a very close second.\u00a0 <\/span><span style=\"font-weight: 400;\">Keeping patients\u2019 protected health information (PHI) safe is the very reason HIPAA (Health Information and Portability and Accountability Act) came into existence\u2014 and why it\u2019s seen several updates since technology and security expectations have matured further.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">One of these changes, known as the HITECH Act of 2009, strengthened HIPAA <\/span><a href=\"https:\/\/www.hipaajournal.com\/what-is-the-hitech-act\/\"><span style=\"font-weight: 400;\">by removing exploitable loopholes<\/span><\/a><span style=\"font-weight: 400;\"> for health care organizations and creating incentives for the health care community to transition to electronic health records (EHRs). Modern health care \u2014 including historical and recent patient records \u2014 must be mobile, secure and able to follow patients between doctors and facilities.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Working in health care means practicing due diligence and establishing a culture that respects HIPAA and the sovereignty and importance of accurate patient data. Expectations have become stricter over the years as the medical community has found new ways to collect and put patient data to work.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Discover what it takes to keep medical technology\u00a0\u2014 medtech\u00a0\u2014 compliant with HIPAA\u2019s ever-evolving set of requirements.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Why_Is_HIPAA_Compliance_Essential_in_MedTech\"><\/span><b>Why Is HIPAA Compliance Essential in MedTech?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Compliance with HIPAA is not optional for medical service providers, known as Covered Entities. As health data has taken a central role in caregiving environments of all kinds, entities have had to reappraise the techniques they use to capture, store, transmit and communicate patient records.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Financial concerns are the first and probably most significant worry for <a href=\"https:\/\/www.kolabtree.com\/blog\/ensuring-reproducibility-in-ai-driven-research-how-freelance-experts-can-help-in-biotech-and-healthcare\/\">healthcare<\/a> providers. In 2018, Fresenius Medical Care North America was <\/span><a href=\"https:\/\/www.hhs.gov\/hipaa\/for-professionals\/compliance-enforcement\/agreements\/fmcna\/index.html\"><span style=\"font-weight: 400;\">served a fine of $3.5 million<\/span><\/a><span style=\"font-weight: 400;\"> by the Office for Civil Rights and the Department of Health and Human Services. FMCNA agreed to the terms, including the requirement to draw up a full-scope action plan to correct multiple HIPAA violations.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Financial losses are a huge part of why health care organizations must ensure strict adherence to HIPAA requirements. Compromised reputations are another.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">FMCNA provides products and services to 170,000 patients and employs more than 60,000 individuals over multiple locations and facility types. A fine like this almost invariably leads to lost trust and lost business.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Now that we know why this is essential for health care entities, why are medtech and HIPAA vital for patients?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To start, protected health information is <\/span><a href=\"https:\/\/www.independent.co.uk\/life-style\/gadgets-and-tech\/news\/nhs-cyber-attack-medical-data-records-stolen-why-so-valuable-to-sell-financial-a7733171.html\"><span style=\"font-weight: 400;\">some of the most valuable data<\/span><\/a><span style=\"font-weight: 400;\"> on the black market today \u2014 more so than financial data, including credit card numbers. PHI breaches can take longer to detect than the loss of financial data, but it\u2019s no less useful to cybercriminals.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With PHI, hackers can order medical devices and prescriptions under someone else\u2019s name, commit insurance fraud and carry out any number of other crimes that can set patients and caregiving facilities back considerably.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Consider some of the specific requirements that healthcare organizations must adhere to as they adopt medical technologies and seek new ways to improve patient outcomes.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"1_Data_Backups_Must_Be_Complete_and_Encrypted\"><\/span><b>1. Data Backups Must Be Complete and Encrypted<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Under HIPAA, health care organizations must remain consistent about how, how often and for how long they back up patient data. These requirements fall under two categories\u00a0\u2014 the health care organization\u2019s Data Backup Plan and the required Retention Period.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">HIPAA requires health care organizations to maintain full, retrievable and encrypted backups of all electronic patient health records. Additional details include:\u00a0<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><b>Encryption<\/b><span style=\"font-weight: 400;\">: Data at rest must be encrypted using 256-bit AES encryption.<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Redundancy<\/b><span style=\"font-weight: 400;\">: At least two or three separate storage locations.<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Data in transit<\/b><span style=\"font-weight: 400;\">: Data transferred using public networks must be 256-bit AES encrypted.<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Monitoring<\/b><span style=\"font-weight: 400;\">: Organizations must monitor data backups and backup plans for errors and backup failures.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Additionally, physical data repositories \u2014 like server rooms \u2014 must have robust access controls to ensure only qualified and authorized personnel may enter.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As far as retention periods go, things get slightly complicated. States have their own laws concerning how long providers must keep medical records. In Florida, it\u2019s five years after the last contact with the patient. However, HIPAA does require that health care organizations keep HIPAA-related documentation safe and secure for six years, including:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">PHI disclosure authorizations<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">PHI update and recording logs<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Risk analysis and assessment files<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Documentation concerning breach notifications<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Security reviews and system changes or audits\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Notices about the organization\u2019s privacy practices<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Health care providers managed by Medicare and Medicaid have further requirements, including retaining cost reports for five and 10 years, respectively.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"2_Communication_Channels_Must_Be_Secured\"><\/span><b>2. Communication Channels Must Be Secured<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Maintaining medical <a href=\"https:\/\/www.comparitech.com\/net-admin\/hipaa-compliance-checklist\/\">compliance<\/a> under HIPAA extends to the communication methods used by Covered Entities as well. Modern communication channels, such as telephone, email, fax and text messaging, are all a little different when it comes to being HIPAA medical compliant.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">HIPAA does not forbid the use of text messaging for transmitting PHI. If the Covered Entity has given the patient notices of the risks, and the patient has consented, health care providers may text PHI to that person and no other party. HIPAA requires audit controls for the creation and transmission of PHI, but this is difficult given the number of communication tools and operating systems in use.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In most situations, it\u2019s best to use other methods. Whatever the communication tool used, Covered Entities must account for the following:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Strong access controls for the devices sending and receiving texts<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">End-to-end encryption \u2014\u00a0an addressable concern under HIPAA<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Loss prevention for easily misplaced or stolen devices<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Faxing has long been a part of the medical community. In fact, something like <\/span><a href=\"https:\/\/www.vox.com\/health-care\/2017\/10\/30\/16228054\/american-medical-system-fax-machines-why\"><span style=\"font-weight: 400;\">75% of all communication<\/span><\/a><span style=\"font-weight: 400;\"> in the United States\u2019 healthcare industry happens via fax. Electronic, cloud-based faxing systems provide the structured, secure and encrypted ecosystem necessary to exchange this type of information safely between parties.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Unlike traditional fax systems, where all records stay on-premises and remain at risk of theft, electronic faxes <\/span><a href=\"https:\/\/softlinx.com\/healthcare-fax\/\"><span style=\"font-weight: 400;\">provide access security and auditability<\/span><\/a><span style=\"font-weight: 400;\"> for Covered Entities. E-fax systems store all communication information \u2014 including the messages themselves, plus all accompanying historical data \u2014 offsite in a vendor\u2019s secured secondary location.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Covered Entities must keep several essential protections in mind when communicating records, including:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Strong passwords or biometric authentication\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Industry-standard, on-device encryption<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Comprehensive plans for removing PHI from devices before retiring them<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Physical and digital protection for Wi-Fi networks and IT infrastructure<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Firmware and software updates for all device types as soon as they become available<\/span><\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"3_Health_Care_Entities_Must_Perform_Comprehensive_Risk_Analyses\"><\/span><b>3. Health Care Entities Must Perform Comprehensive Risk Analyses<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">The failure to perform an organization-wide risk analysis is one of the top reasons why healthcare organizations get fined for violating HIPAA. Covered Entities should perform risk analyses regularly, including each time their digital infrastructure changes. Cancer Care Group, Lahey Hospital &amp; Medical Center, Cardionet and Oregon Health &amp; Science University have all shouldered fines <\/span><a href=\"https:\/\/www.hipaajournal.com\/common-hipaa-violations\/\"><span style=\"font-weight: 400;\">between $750,000 and $2.7 million<\/span><\/a><span style=\"font-weight: 400;\"> for oversights of this nature.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The methodology and results of the risk analysis will look a little different to varying organizations, but the mission and the reasons are always the same:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><b>Define how PHI flows throughout the organization<\/b><span style=\"font-weight: 400;\">: How does PHI enter the system? Where is it stored? How does it leave? Are there potential locations for leaks?<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Account for the entire PHI lifecycle<\/b><span style=\"font-weight: 400;\">: Which third parties come into contact with PHI? Other business partners? Recycling or shredding companies? Computer repair or management services?<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Know about your specific vulnerabilities<\/b><span style=\"font-weight: 400;\">: No two health care organizations are precisely alike. Weaknesses may include in-house negligence, incomplete employee training on phishing avoidance, low-quality passwords, physical threats to data storage locations like power failures and extreme weather, deliberate cyberattacks and more.<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Prioritize threats by likelihood and impact<\/b><span style=\"font-weight: 400;\">: All organizational vulnerabilities should receive a threat level of Low, Medium or High to ensure teams allocate funds appropriately, and the company can drill down on the training, hiring or procedural lapses resulting from data loss.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">For a more detailed look at the risk analysis requirements under HIPAA, the government\u00a0<\/span><a href=\"https:\/\/www.healthit.gov\/topic\/privacy-security-and-hipaa\/security-risk-assessment-tool\"><span style=\"font-weight: 400;\">has a worksheet available<\/span><\/a><span style=\"font-weight: 400;\"> for health care organizations that want to ensure they\u2019ve left nothing out. The worksheet sees regular revisions as the industry and technologies change.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Compliant_Medical_Services_Providers_for_a_Healthier_Future\"><\/span><b>Compliant Medical Services Providers for a Healthier Future<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Good public health should be a priority for any civilized society. These days, however, health goes hand-in-hand with cybersecurity. The three areas above are the most frequently cited in terms of organizational non-compliance. To fix this problem, organizations must ensure they promote ongoing learning and attention to details.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">HIPAA and its changes over the years remind us how valuable health data can be \u2014 for patients and would-be data thieves alike.<\/span><\/p>\n<p><strong>Need help with<a href=\"https:\/\/www.kolabtree.com\/find-an-expert?search=hipaa&amp;utm_source=Blog&amp;utm_medium=Post&amp;utm_campaign=HIPAA\"> HIPAA compliance<\/a> or developing a medtech product? Consult freelance experts on <a href=\"https:\/\/www.kolabtree.com\/?&amp;utm_source=Blog&amp;utm_medium=Post&amp;utm_campaign=HIPAA\">Kolabtree<\/a>. It&#8217;s free to post your project and get quotes.\u00a0<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Freelance tech writer Kayla Matthews discusses how to make sure your medtech product is HIPAA compliant.\u00a0 Rendering competent and high-quality aid to those in need is the top priority in the health care sector. These days, data security and integrity comes in at a very close second.\u00a0 Keeping patients\u2019 protected health information (PHI) safe is<\/p>\n<div class=\"read-more\"><a href=\"https:\/\/www.kolabtree.com\/blog\/ensuring-your-medtech-is-hipaa-compliant-what-to-know\/\" title=\"Read More\">Read More<\/a><\/div>\n","protected":false},"author":12,"featured_media":6800,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[443],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v20.1 (Yoast SEO v20.1) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Ensuring Your MedTech Is HIPAA Compliant: What to Know<\/title>\n<meta name=\"description\" content=\"A quick and clear guide to making sure your medtech is HIPAA compliant and that health care is actually delivered to the patient it was intended for.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.kolabtree.com\/blog\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ensuring Your MedTech Is HIPAA Compliant: What to Know\" \/>\n<meta property=\"og:description\" content=\"A quick and clear guide to making sure your medtech is HIPAA compliant and that health care is actually delivered to the patient it was intended for.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.kolabtree.com\/blog\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/\" \/>\n<meta property=\"og:site_name\" content=\"The Kolabtree Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/kolabtree\" \/>\n<meta property=\"article:published_time\" content=\"2020-01-21T12:25:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-04-21T13:48:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.kolabtree.com\/blog\/wp-content\/uploads\/2020\/01\/medtech-hipaa-compliant.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"782\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ramya Sriram\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@kolabtree\" \/>\n<meta name=\"twitter:site\" content=\"@kolabtree\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ramya Sriram\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Ensuring Your MedTech Is HIPAA Compliant: What to Know","description":"A quick and clear guide to making sure your medtech is HIPAA compliant and that health care is actually delivered to the patient it was intended for.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.kolabtree.com\/blog\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/","og_locale":"en_US","og_type":"article","og_title":"Ensuring Your MedTech Is HIPAA Compliant: What to Know","og_description":"A quick and clear guide to making sure your medtech is HIPAA compliant and that health care is actually delivered to the patient it was intended for.","og_url":"https:\/\/www.kolabtree.com\/blog\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/","og_site_name":"The Kolabtree Blog","article_publisher":"https:\/\/www.facebook.com\/kolabtree","article_published_time":"2020-01-21T12:25:21+00:00","article_modified_time":"2020-04-21T13:48:27+00:00","og_image":[{"width":1280,"height":782,"url":"https:\/\/www.kolabtree.com\/blog\/wp-content\/uploads\/2020\/01\/medtech-hipaa-compliant.jpg","type":"image\/jpeg"}],"author":"Ramya Sriram","twitter_card":"summary_large_image","twitter_creator":"@kolabtree","twitter_site":"@kolabtree","twitter_misc":{"Written by":"Ramya Sriram","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.kolabtree.com\/blog\/es\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/#article","isPartOf":{"@id":"https:\/\/www.kolabtree.com\/blog\/es\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/"},"author":{"name":"Ramya Sriram","@id":"https:\/\/www.kolabtree.com\/blog\/#\/schema\/person\/81992f5863a1b06d132a47822e7b4400"},"headline":"Ensuring Your MedTech Is HIPAA Compliant: What to Know","datePublished":"2020-01-21T12:25:21+00:00","dateModified":"2020-04-21T13:48:27+00:00","mainEntityOfPage":{"@id":"https:\/\/www.kolabtree.com\/blog\/es\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/"},"wordCount":1433,"commentCount":0,"publisher":{"@id":"https:\/\/www.kolabtree.com\/blog\/#organization"},"articleSection":["Healthcare"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.kolabtree.com\/blog\/es\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.kolabtree.com\/blog\/es\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/","url":"https:\/\/www.kolabtree.com\/blog\/es\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/","name":"Ensuring Your MedTech Is HIPAA Compliant: What to Know","isPartOf":{"@id":"https:\/\/www.kolabtree.com\/blog\/#website"},"datePublished":"2020-01-21T12:25:21+00:00","dateModified":"2020-04-21T13:48:27+00:00","description":"A quick and clear guide to making sure your medtech is HIPAA compliant and that health care is actually delivered to the patient it was intended for.","breadcrumb":{"@id":"https:\/\/www.kolabtree.com\/blog\/es\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.kolabtree.com\/blog\/es\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.kolabtree.com\/blog\/es\/asegurar-que-su-tecnologia-medica-cumple-con-lo-que-se-sabe\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.kolabtree.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Ensuring Your MedTech Is HIPAA Compliant: What to Know"}]},{"@type":"WebSite","@id":"https:\/\/www.kolabtree.com\/blog\/#website","url":"https:\/\/www.kolabtree.com\/blog\/","name":"The Kolabtree Blog","description":"Expert Views on Science, Innovation and Product Development","publisher":{"@id":"https:\/\/www.kolabtree.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.kolabtree.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.kolabtree.com\/blog\/#organization","name":"Kolabtree","url":"https:\/\/www.kolabtree.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.kolabtree.com\/blog\/#\/schema\/logo\/image\/","url":"","contentUrl":"","caption":"Kolabtree"},"image":{"@id":"https:\/\/www.kolabtree.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/kolabtree","https:\/\/twitter.com\/kolabtree","https:\/\/instagram.com\/kolabtree","https:\/\/www.linkedin.com\/company\/kolabtree","https:\/\/en.m.wikipedia.org\/wiki\/Kolabtree"]},{"@type":"Person","@id":"https:\/\/www.kolabtree.com\/blog\/#\/schema\/person\/81992f5863a1b06d132a47822e7b4400","name":"Ramya Sriram","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.kolabtree.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8100b45c960ebbbbe420e8b3f250515f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8100b45c960ebbbbe420e8b3f250515f?s=96&d=mm&r=g","caption":"Ramya Sriram"},"description":"Ramya Sriram manages digital content and communications at Kolabtree (kolabtree.com), the world's largest freelancing platform for scientists. She has over a decade of experience in publishing, advertising and digital content creation.","url":"https:\/\/www.kolabtree.com\/blog\/author\/ramyas\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/posts\/6796"}],"collection":[{"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/comments?post=6796"}],"version-history":[{"count":5,"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/posts\/6796\/revisions"}],"predecessor-version":[{"id":7440,"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/posts\/6796\/revisions\/7440"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/media\/6800"}],"wp:attachment":[{"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/media?parent=6796"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/categories?post=6796"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kolabtree.com\/blog\/wp-json\/wp\/v2\/tags?post=6796"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}