My company is not a health care organization. However, we are building an online application to simplify the employee
health care/benefits enrollment process. Will the information collected through this application fall under HIPAA?
If your application will involve the electronic storage or transmission of protected health care information that can be used to identify an individual (name, address, social security number, medical history, etc.), then you may very well be covered by HIPAA... that is, at least as a business associate. Without knowing more details of your particular business model/processes, it's hard to completely determine exactly how your organization would be covered. I would suggest engaging a HIPAA consultant to assist you further.
For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: Relevancy of HIPPA to a civilian government agency
Ask the Expert: Where to find statement of HIPAA security standards
Best Web Links: Securing Health Care/Health Services
Dig deeper on Security Resources
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.