HIPAA Compliance or equivalent law

Hi All, 

I have a startup in the healthcare and wellness sector, wherein the users will be sharing health-related data. In this regard, I just wanted to check if someone is aware of the complete process of complying with HIPAA of the USA. Also, is there any similar law in India for the protection of health-related data?

I will be thankful for any help in this direction.

Many thanks 

Best regards 

Raunak

Comments

14 Comments

  1. Hi Raunak,

    While I might not be the best person to answer this, have you looked at: https://www.hipaa-india.com/
    I can put you in touch with consultants who can help you comply in the Healthcare Data domain. You can reach out to me at puneet@nirogam.com

  2. I’ve pinged Asha Satapathy of DocEngage, who will respond 🙂

    https://www.therodinhoods.com/profile/AshaSatapathy

  3. Raunak,

    My answer on HIPAA depends on the answer to the question below:

    1. As part of the health related data being captured/handled by your company, would you be handling healthcare information of American Nationals? 

    Currently, while India does not have a specific law for Healthcare data, it does have a law for the protection of Personal Information. If your company handles personal data of Indian nationals, then it has to follow the Indian IT Act 2000 New rules. 

    Regards – Ashish

  4. Thanks Puneet for your reference. I will go through the link and touch base with you. 

  5. Thanks Asha for the quick revert and help.

  6. Thanks Ashish!

    Currently we plan to cater to the Indian market; however, given the virtual nature of the business, we may have US nationals as our customers.

    Will go through the IT Act and HIPAA.

    Thanks a ton!

  7. HIPAA does not apply to services provided in the Indian jurisdiction. The health ministry is working on some EMR/EHR standards though. You can find them here: https://www.mohfw.gov.in/index1.php?lang=1&level=1&sublinkid=1714&lid=1607 

    My understanding is that even if you are catering to US nationals, since you are a registered provider in India, HIPAA would not apply. You will fall under the generic IT acts of protecting personal information.

    If you start working with healthcare providers in the US, though, by providing them with services, they might mandate some HIPAA compliance due to the nature of the risks involved.

  8. Hey Raunak – check out this TiE event – https://www.therodinhoods.com/events/technology-as-an-enabler-for-healthcare-host-tie-mumbai

    Will it help you?

  9. Hi Raunak,

    Based on what I know…

    HIPAA regulations are mandated by the US government for Healthcare companies to ensure that companies comply with the necessary information that can only be utilized by authorized companies.

    There are only a few allowable data elements that can be utilized, i.e. provider name, notification identification number, member name, member id number, date of birth, medical record number, diagnosis.

    In the Philippines – Companies need to partner with healthcare companies in the United States to get approval from the state / federal insurance department and federal / state government.

    Best of luck with your venture.

    Kaiz

  10. Raunak Jhunjhunwala, DocEngage is HIPAA compliant, and it is not mandated by India; as we are a cloud-based CRM and process millions of data, we have done the compliance by ourselves. Usually it will be done in the product and also by the process compliance by the users as well…

    We have an EMR standard released by the Govt. of India, but it is upgraded every year. It is not rolled out yet as a mandate…

    We have in-house HIPAA experts as we are all from Healthcare US, so it did help a lot when we implemented in India… You do have HIPAA consultants who can help you on the compliance process…

    Let me know if you need any help…

    (Thanks Asha for pinging me)

  11. Thanks Sanket for your revert. Basically we foresee users from USA on our website though we will be headquartered in India. In that case, because we are handling data of users from USA there could be a potential cover of the company under HIPAA.

    Other than above, more from credibility perspective, I guess this will add value.

    Thanks

    Best regards

    Raunak

  12. Thanks Asha for sending across the link for the event. This seems to be a good event for us. However, unfortunately I am travelling till tomorrow, therefore won’t be able to attend it.

    Thanks a lot anyway for so many referrals and help.

    Best regards

    Raunak

  13. Thank you Kaiz for the response and wishes. It is really useful. Just wanted one clarification on your response “There are only a few…”: are these items which can be displayed without HIPAA, or what is it?

    Thanks

    Best regards

    Raunak  

  14. Raunak,

    I believe even with HIPAA there are only a few data / information that can be displayed, i.e. provider name, notification identification number, member name, member id number, date of birth, medical record number, diagnosis.

    Regards,

    Kaiz

Comments are now closed for this post.
