

Ask HN: How to make your app/site HIPAA complaint - alecsmart1

Hello! Am trying to develop an app &amp; webapp which I would like to be HIPAA complaint. I&#x27;ve searched the internet for hours but am unable to find any single guide that I can use to ensure that it is so. Is there any sort of checklist that I can use? Do I need to get some certification from somewhere or can I advertise that it is complaint after that?
======
MalcolmDiggs
It's an extremely broad and far-reaching piece of legislation. The relevant
laws have also been modified and augmented since the original passage (through
the HITECH act in 2009, and the final Omnibus ruling in 2013, as well as
others). And yes there are various types of audits you should pass before
claiming your site is compliant.

Your first step is to hire an attorney, there really isn't any way around it.
If you want to get a feel for the complexity, you should start by reading the
laws yourself. Title II is the most relevant to your questions. Or for a
cliff-note summary read the wiki page:
([http://en.wikipedia.org/wiki/Health_Insurance_Portability_an...](http://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act)).
The actual text of the legislations should be linked from there.

