Telehealth Cybersecurity Regulations

The law keeps an eye on the healthcare business

Policy and law makers across the world are well-aware that cyber risks ramp up arm-in-arm with the growth of telehealth, and therefore have begun to extensively enforce the law and update guidelines and recommendations regarding patient data protection to create and maintain a safe and secure environment for patients, providers and caregivers.

HIPAA privacy and security rule

If mobile apps store, collect, maintain or transmit any Electronic Protected Health Information (ePHI), they are subject to the Health Insurance Portability and Accountability Act (HIPAA).

The average financial penalty for breaching HIPAA was $1.2M USD in 2019.

The penalty does not include the loss of revenue due to brand damage, lawsuits expenses and fines.


Any mobile app that works as an accessory to a regulated medical device or transforms a mobile platform into a regulated medical device is subject to Food and Drug Administration (FDA) regulations.

Remote patient monitoring apps are good examples of the platforms that need to be FDA compliant.

Not meeting FDA regulations makes the product inadmissible to be legally marketed in the US.

Want to learn more? Let’s talk about how Irdeto can help you!

Contact us