Health Insurance Portability and Accountability Act

We have built Health Nexus because of the amazing potential which exists by marrying blockchain technology and the healthcare sector. There is, however, a massive schism of misunderstanding around the Health Insurance Portability and Accountability Act, known to the uninitiated as HIPAA.

The question of how our technology relates to HIPAA is one we get asked a lot. The very question referring to HIPAA as a single “thing” indicates how much confusion there is around it. It is a single name which covers two core aspects of healthcare governance.

It governs rules around health insurance. It relates to the security of transferring and storing healthcare data.

It is the second aspect of HIPAA which pertains to us most directly, and within this category it dictates that patients must maintain access to their record. Patients not only have the right to see their data, but getting access to that data should not be overly expensive and in most cases should fall within a 30-day window of the request. You can learn more about this part of the law at HealthIT.gov.

HIPAA Compatible Nodes

As a protocol we believed it was important to have HIPAA guide our development because it is a globally recognized standard in healthcare. Knowing that this aspect of security would be important to the healthcare industry, Health Nexus will be HIPAA compatible because the validators on the blockchain will have to pass HIPAA audits. The alternative is: unknown nodes that sit in unknown locations at an unknown concentration; HIPAA compliant validators add another layer of security and peace of mind for healthcare on top of the security which blockchain technology provides.

A permissioned system, in our case HIPAA compliant validators, helps to ensure that there is some filter for what powers the blockchain.

HIPAA compliance is easy to check for: every digital health company and healthcare facility has to have HIPAA compliant servers and data storage centers. Most have a certificate or third party verification that confirms HIPAA compliance, and verification is done at least quarterly.

International Adoption

People are often concerned that if the validators are HIPAA compliant and there are different security requirements in other countries, this will serve as a barrier to adoption. This is a common misconception. Any dApp that is built on our protocol still has to pass the security protocols of the country in which it operates. Just like with our ConnectingCare application, which is cloud based, we are responsible for the HIPAA compliance and security of it despite the fact that we are using the Internet. Our protocol is the same: open source and free to build on, but the developers and dApp builders are responsible for the security.

The missing piece in marrying healthcare and blockchain

Healthcare is slow moving, in large part because of the sensitive nature of the data it touches. This is why we have received such strong support for the extra permissioned nature of our blockchain. It is a critical piece which will allow our blockchain to fill the specific niche of healthcare. As a team, SimplyVital Health is a mix of healthcare and blockchain expertise. It is the marriage of those disciplines which we are both passionate about and instilling in Health Nexus.

About SimplyVital Health

SimplyVital Health is making decentralized technology accessible to the healthcare industry by creating Health Nexus, a healthcare-safe open source blockchain.

https://www.simplyvitalhealth.com/