Skip to Content


As telemedicine, remote healthcare, and innovation transform the delivery of patient healthcare services, technology vendors are in the forefront of developing the tools that enable this revolution. As more and more technology companies enter the market to deliver solutions to hospitals, doctors, therapists, and other healthcare customers, compliance with the Healthcare Insurance Portability and Accountability Act (HIPAA) as “Business Associates” can not be overlooked.

HIPAA compliance obligations for technology companies serving the healthcare industry must be treated with the utmost seriousness, since the financial and legal consequences for non-compliance can be devastating. 

Separate from HIPPA, the U.S. Federal Trade Commission has implemented a Health Breach Notification Rule, which imposes rigid compliance requirements upon technology companies, including operators of mobile apps and websites, that receive healthcare data from their users. Failure to follow this rule is treated as an unfair or deceptive act or practice in violation of the Federal Trade Commission Act, which may result in financial and broad remedial consequences.

SLG has leveraged its extensive knowledge in the technology industry to support our clients’ compliance needs under HIPAA and the Health Breach Notification Rule, offering the following portfolio of services:

  • HIPAA Compliance and Security Policies
  • Business Associates Agreements for Technology Companies
  • Business Associates Agreements for Vendors of Technology Companies
  • FTC Health Breach Notification Rule Compliance and Advice
  • Development of Website and App Privacy Policies
  • HIPAA Privacy Training Seminars
  • Internal Corporate Data Privacy Storage and Retention Policies
  • Corporate Privacy and Compliance Policies
  • Data Breach Preparedness and Response

Free Consultation

This slideout can include a call-to-action or a quick scroll back to the top.

Scroll to Top