truevault-safe / hipaa-compliance-developers-guide Goto Github PK

I'm just getting started with all this HIPAA stuff. It seems like most of the bullet points in 04 HIPAA Security Rule.md need their own .md, or at least a link to learn about the requirements more in-depth. What would be the best way to structure it, if I were to put some stuff together and submit a pull request?

1. Expand bullet points within existing document
2. Include new documents at the root level, e.g. 04.2.1 Unique User Identification.md
3. Add subfolders, e.g. hipaa-compliance-developers-guide/04 HIPAA Security Rule/02 Technical/01 Unique User Identification.md

Also, where's a good place to start to dive into such topics and begin putting something together? The official combined text of the rule? The HIPAA Security Rule Educational Paper Series?

There should be a section in "09 Mobile Applications.md" talking about encryption and security of the PHI data stored on mobile as we have to adhere to encryption at rest and at transit.
Need more elaboration on API calls between the mobile application and back-end server where mobile application transfer the PHI data which later used by covered entity.
If you are okey I can add and raise PR, please let me know

It doesn't send anything through the wire nor store anything online. A user may import patient data and export it back on the local machine. I assume this is fine assuming the machine itself is hipaa compliant.

So, I have a question: for an completely offline desktop application, can we say it is hipaa compliant?

Thank you!

Hey TrueVault,

This is really a great resource. Thank you for putting it together. My question is on content licensing. Any consideration as to a CC style license, https://creativecommons.org/licenses/ ?

Many thanks!