The testing phase as described in H.R. 3323 is vague I'll agree, but if you examine the industry consensus, add a little common sense and apply the timelines for application development it should be clear that organizations should start testing the last few transactions in April 2003 if you have any expectation of meeting the October 2003 deadline for implementation. There should be a new white paper just to educate decision makers that the only thing the extension granted was the ability to be HIPAA compliant by October 2003 if you start right now!!! The deadline extension gave people a false sense of security that everything can be postponed for a while. This is certainly not the case. In addition, the Privacy regulations are still scheduled to go into effect April, 14, 2003. Wouldn't it be easier to complete the testing efforts prior to the privacy guidelines than after? I'm not confident that even a super-human effort by a highly sophisticated test team could accomplish the level of testing required in six months. There are too many other critical factors at work. The high possibility of rework due to vague business requirements, the sheer magnitude of test cases involved, the multiple test phases required and the scheduling complexity for trading partner testing efforts in my mind would be unmanageable to say the least. I'm sure we'll see...
Mark A Lott CIO HIPAA Testing, Inc. 480-946-7200 CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=business and enter your email address.
