Skip to main content

HIPAA and Cloud Applications: the Basics of Handling PHI for Developers

Eric Nelson (Janrain)
Platforms Salon H-K
Average rating: ****.
(4.00, 1 rating)
Slides:   1-PPTX 

When I began work to launch a simple web-based healthcare app, I was shocked to find it difficult to impossible to find guidance on how to meet HIPAA guidelines when providing a SaaS offering from the cloud. The goal of this session is to share my experiences and what I have learned in the past year in launching a healthcare app in the cloud, and to present a framework that others can use to bring their ideas to life and help change our failing healthcare system.

The healthcare industry is desperately in need of ways to cut costs while improving the level of service; emerging cloud technologies offer a great deal of promise in both areas. At the same time, the open source movement is making the healthcare industry’s problems more accessible for developers to contribute towards solutions. Most of the resources available for handling electronic Protected Health Information are aimed at IT staff charged with securing healthcare data inside the firewall. While new technology allows developers to bootstrap applications that transcend firewalls and organizational boundaries, there are very few publicly available resources that address the question of how to adhere to HIPAA that are designed specifically for application developers attempting to revolutionize the healthcare industry with open source cloud technologies.

Adhering to HIPAA is difficult enough for healthcare practitioners, but it can be seemingly impossible for a passionate developer new to healthcare and hoping to make a difference. I will share what I have learned during my journey of launching a web-based point of sale app for small healthcare clinics, as well as outline what resources are already available. The presentation will be designed to engage the audience in a collaborative discussion and allow others to share additional information or correct my missteps.

  • What is HIPAA?
  • Does HIPAA cover me?
  • Responsibilities of covered entities
  • HIPAA is reasonable and HHS is OK w/ innovation
  • Framework for HIPAA compliance for cloud application developers
  • Hacked solutions
  • Additional resources
  • Discussion
Photo of Eric Nelson

Eric Nelson


Eric Nelson is Solutions Engineer at Janrain. Janrain provides a software-as-a-service user management platform with solutions for social login, social sharing and profile data storage to help companies improve user acquisition, intelligence, and engagement. Eric also founded Gravel Financial Applications, a small business software company that provides web-based solutions for common accounting and operational challenges. An accountant and engineer by trade, Eric has earned his CPA and CMA certifications, but would prefer to save you from horrible accounting software rather than help you complete your tax return. Eric loves building self-sustaining systems and is currently captivated by transforming healthcare through connected cloud applications.

For exhibition and sponsorship opportunities at Strata Rx conference, contact Sharon Pierce at (203) 304-9476 or

For information on trade opportunities with O'Reilly conferences email mediapartners

View a complete list of Strata Rx 2013 contacts