Software Application Guidelines

Software App Review

It is important to submit your software app to the Emory review process. There are two paths available for this review. Plenty of details can be found on this Emory OIT websiite page.

Which path is right for me?

• Option 1: Emory Mobile App Review and Distribution Process for Public App Marketplaces. This is for apps that are distributed through app stores and available for anyone to purchase them.
• Option 2: Emory Mobile App Review and Submission Process for Internal Emory Distribution. This is for apps that will be used exclusively within the Emory community or that are in still in testing or reviews.

View complete details of this process

Overview of the Review Process

Option 1: For Public Distribution

Step 1: Disclose your software to OTT: please do this by submitting a disclosure form (found on our forms page) and start the commercial evaluation process.

Step 2: Branding review: any product utilizing the Emory brand must go through a review by the Communications and Public Affairs office. Those guidelines can be found on the Communications Website.

Step 3: Legal review: OTT will work with legal counsel to review any relevant intellectual property issues.

Step 4: Compliance and regulatory review: this includes review focused on HIPPA.

• What does HIPAA stand for? Health Insurance Portability and Accountability Act of 1996 .
• What does HIPAA do? HIPAA works to protect the privacy of people’s ePHI, which includes personal health and insurance information.
• What does HIPAA mean for my app? If your app collects, sends, and/or stores ePHI, then HIPAA may be applicable. If so, Emory OTT can help ensure that your app meets all regulations.

Step 5: Technical and information security review: OIT will perform this review looking at items such as ePHI, credit card information, or other compliance related items.

• What does ePHI stand for? Electronic Protected Health Information.
• What is ePHI? ePHI is the personal health information protected by HIPAA. It includes info about a person’s health and their health insurance.

Step 6: App store posting review: OIT will assist you in submitting your software app to the public marketplace.

View complete details of this process

Option 2: For Emory Only Distribution

Step 1: Internal posting review: OIT will perform a high level technical review.

Step 2: Compliance and regulatory review: this includes review focused on HIPPA.

• What does HIPAA stand for? Health Insurance Portability and Accountability Act of 1996.
• What does HIPAA do? HIPAA works to protect the privacy of people’s ePHI, which includes personal health and insurance information.
• What does HIPAA mean for my app? If your app collects, sends, and/or stores ePHI, then HIPAA may be applicable. If so, Emory OTT can help ensure that your app meets all regulations.

Step 3: Technical and information security review: OIT will perform this review looking at items such as ePHI, credit card information, or other compliance related items.

• What does ePHI stand for? Electronic Protected Health Information.
• What is ePHI? ePHI is the personal health information protected by HIPAA. It includes info about a person’s health and their health insurance.

Step 4: Complete internal distribution forms: OIT will assist you in submitting the appropriate forms.

View complete details of this process

Health Data Storage Companies

These companies help you comply to HIPAA standards by handling ePHI data collection for a fee.

• Atlanta IT Service
• OnePath

Programming Resources

• CodeAcademy
  Provides free web tutorials in computer programming

Hiring Programmers

• UpWork
• True IT Pros
• Tips for Hiring Programmers

Federal Trade Commission

If you are developing a mobile health app, find out which laws you need to follow in the mobile health apps section of the FTC website.