Concerned With HIPAA

‚ÄčMylestones is not a "covered entity" as defined by HIPAA rules as 1) health plan 2) health care clearinghouse and 3) health care provider who electronically transmits any health information in connection with transactions for which HHS has adopted standards.  Mylestones does not collect Protected Health Information (PHI) from any covered entity as defined by HIPAA

The vast majority of providers that work with Mylestones are covered entities and have required compliance.  The members and patients using this application are doing so inside their own project and not inside the providers network, all data is hosted on the Mylestones network.