1

I am working on a medical device. I want to FDA certification for it. The device is having ePHI (protected health information). So is it mandatory to have HIPAA compliance for FDA approval?

Gilles 'SO- stop being evil'
  • 50,912
  • 13
  • 120
  • 179
Amit
  • 11
  • 2
  • 2
    I don't think you will get an answer here. I would contact FDA if they can't give you an answer try contacting U.S. Department of Health & Human Services. – Tim Jonas Jan 03 '15 at 08:51
  • 1
    This link was at the top of my google search for your question: http://www.fdalawblog.com/2013/08/articles/legislation/hipaahitech-compliance-strategies-for-medical-device-manufacturers/ – schroeder Jan 03 '15 at 18:39
  • 1
    What research have you done on your question? – schroeder Jan 03 '15 at 18:44

1 Answers1

1

I think the FDA will require HIPAA compliance for any device that uses PHI -- but, as has been noted in the comments to your question, the FDA will be the sole authority on its own requirements. This question-and-answer site is designed to provide helpful guidance -- but what you need is a legal opinion.

That said, even if you find that HIPAA compliance is not mandatory for the device you are working on, your only wise choice is to build on a foundation of HIPAA compliance anyway. This is especially important since you're already working with PHI. (And it would still be important even if you weren't, to allow for growth of your product.)

Joe DeRose
  • 396
  • 1
  • 5
  • You will find the FDA's answer in the link posted by schroeder as a comment to the question. – Bob Brown Jan 03 '15 at 20:45
  • The medical device in dealing with PHI but still it is starting phase of this device. I just need to do FDA certification. So is it mandatory to have HIPAA for FDA approval? – Amit Jan 05 '15 at 06:21