Hospitals and mobile health technology developers seeking guidance to ensure their products are in compliance with HIPAA privacy and security rules got a boost last week from Health and Human Services Secretary Sylvia Mathews Burwell.

Burwell's office released a letter she sent last November to Rep. Peter DeFazio (D-Ore.), who had called the issue to the attention of HHS. In the letter, Burwell pledged that the Office for Civil Rights will be more responsive in providing guidance.

Burwell also said outreach to the industry is "critical" and added that the OCR has already begun a dialogue with the association.

"Further, we are also exploring the possibility of 'holding a series of listening sessions' through which we can hear directly from stakeholders in the mobile health field about privacy and security concerns that can be addressed through guidance," she wrote.

Concerns from healthcare providers over HIPAA compliance are holding up sales, according to the App Association, which represents some 50,000 app developers and IT companies.

Morgan Reed, the association's director, told Venture Beat that the HIPAA guidelines are outdated and that hospitals are declining to do business with partners whose technology might not be compliant, making it hard for startup companies in the mobile health technology field to get business.

“Often we talk to developers who have got their first round of funding," Reed said. "They have a good idea that promotes good patient outcomes, but then they get into the development cycle and the sales just aren’t there.There's a disconnect."