1) No product can ever be "HIPAA Compliant", as end-user policies (in this case, how you design your app to protect the data, allow access, etc.) can allow breaches no matter how much HIPAA was taken in consideration when the software (GAE) was written.
2) If you're going to write a web application that involves HIPAA-covered information, you should probably already be better versed in compliance than this question suggests. I suggest some more research. 3) Consult a lawyer. Cover your bases. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-appengine?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
