What about a completely offline desktop application?
tanin47 opened this issue · comments
It doesn't send anything through the wire nor store anything online. A user may import patient data and export it back on the local machine. I assume this is fine assuming the machine itself is hipaa compliant.
So, I have a question: for an completely offline desktop application, can we say it is hipaa compliant?
Thank you!
You cannot say it's HIPAA compliant by default. HIPAA applies to PII/PHI regardless of its form (e.g., paper, electronic) or how it's transmitted, stored or shared.