HIPAA compliance checklist
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) established standards for the security and privacy of health data, especially individually identifiable information. Healthcare providers and related entities in the United States must abide by these regulations, but the standards are also utilized by many organizations outside the traditional healthcare system and even outside the United States.
The move to mobile expands access to health information to more people and more devices and so creates new systems and processes that must be evaluated for HIPAA compliance. This document outlines best practices in mobile policy and data leakage controls for HIPAA compliance. This is a starting point, but each organization will still need to conduct its own regulatory analysis to define appropriate controls.