I would tend to second Matt's recommendation on getting proper HIPAA compliancy and regulatory guidance. I would look at thoroughly understanding how CouchDB stores the data files and bring it to your legal counsel.
HIPAA is a very sensitive subject and topic for any organisation and you unfortunately there's no "agile" way (like software) to look at it really. I *strongly* recommend, compel you even, to get a technologically-inclined legal practitioner whom have dealt with this type of organisational and technological HIPAA-compliant structure in the past. Please let this not be construed as legal advice. On 28 April 2014 09:07, Dave Cottlehuber <[email protected]> wrote: > ------------------------------------------------------ > From: [email protected] [email protected] > Reply: [email protected] [email protected] > Date: 28. April 2014 at 04:40:17 > To: [email protected] [email protected] > Subject: HIPPA rules > > > I'm wondering if anyone has dealt with building applications using > CouchDB while having > > to follow HIPPA compliance? > > FWIW I’m aware of at least 1 organisation who is using CouchDB, and is > HIIPA compliant. So it’s at least possible. > > -- > Dave Cottlehuber > Sent from my PDP11 > > > > -- David Coallier
