
HIPAA Compliant Apps


June 9, 2017 | Reading Time: 2 Minutes


How to Choose HIPAA Compliant Apps

Choosing HIPAA compliant apps is an important element of running your behavioral health practice. Patients are looking to communicate with their doctors and health care providers more than ever before. And with access to health care data via patient portals and apps becoming increasingly popular, your practice needs to be prepared to meet the needs of these patients.

It’s essential for you to understand the HIPAA privacy and security standards that govern any piece of medical technology that will handle patient information.

The most important thing to remember is that the medical apps you’re looking into must have a means of preventing data breaches of protected health information (PHI). Protected health information includes any health care data that can be used to identify a patient, such as name, address, date of birth, full facial photograph, or social security number.

Let’s take a look into some of the major requirements you should keep in mind when deciding on HIPAA compliant apps for your practice.

HIPAA Compliant Video and Chat Clients for Telebehavioral Health

Telemental and telebehavioral health apps are among the most common you’ll face as a behavioral health professional. Chat and video clients used over the course of telemental health treatment must be HIPAA compliant because of the nature of the sensitive health care information that patients will disclose.

One way to handle HIPAA compliant apps is by updating your HIPAA compliance program. You can list the parent companies of these apps as HIPAA business associates because of their role in the direct transmission of PHI from the patient to the counselor or therapist.

Remember that the chat or video clients you choose to use in the course of treatment must be HIPAA compliant. Before using a telebehavioral health app, be sure to execute a proper Business Associate Agreement with them. This should always be the first step you take when beginning a new business relationship with vendors who handle PHI in any way.

Encryption and HIPAA Security Standards

If you’re considering using a HIPAA compliant app to interface with patients or share PHI, you must also ensure that the app uses end-to-end encryption.

End-to-end encryption is a means of keeping data transfers secure. Used in a medical app, end-to-end encryption will ensure that the only two parties able to view the material being transferred are the sender and the intended recipient.

HIPAA security regulation does not mandate end-to-end encryption in all forms of digital communication, but when dealing with third-party medical apps, it’s absolutely essential to keep data from falling into the wrong hands.

End-to-end encryption is one of the first things behavioral health professionals should look for in a HIPAA compliant app–it’s that important.

1 Comment
3 years ago

Here’s a compliance checklist:
– A clear Privacy Policy.
– Protection of patient data collected via the app.
– A disaster recovery plan.
– Users’ access to personal information.
