This is not correct, FYI.

You have it correct in your other reply. Simply put, most of these apps aren't Covered Entities, so they don't need to be HIPAA compliant.