Do I need to become HIPAA compliant?
If you are collecting, storing or transmitting PHI (Protected Health Information) to a covered entity then you definitely should be HIPAA compliant.
If you’re building an application that has any reasonable likelihood of collecting, storing or transmitting PHI you should probably be HIPAA compliant.
If we’re being honest, it’s not worth taking the risk of HIPAA compliance audits and penalties if you have even a small chance of managing PHI within your application.