In HeathTech apps, it’s often the case that you’re dealing with private or health-related data. This requires compliance with regulations, such as HIPAA in the United States. These regulations force you to handle sensitive data in a well-defined manner, so only specific people can read it, and if they do, it should be logged for later auditing.

To be compliant with HIPAA, technical and administrative safeguards must be implemented both within your company and in your app. The technical safeguards often lead to more complicated software architectures. So, it’s a good idea to make sure the extra engineering development work for HIPAA compliance is necessary before embarking. Alternatively, you could fall under one of the four cases where it’s safe not to comply with HIPAA.