Another way of looking at the same question, I suppose, is: What obstacles to achieving HIPAA compliance are unique to open source systems? Off-hand, I think one area that would be need to be addressed is certification. Open source systems can be very dynamic. If someone checks in a patch through CVS, the question could be raised as to whether HIPAA compliance is affected. But following the Linux model of even-numbered stable releases and and odd-numbered releases, one could always focus on making the even-numbered releases HIPAA compliant, perhaps achieving a level playing field with closed source systems. But then again, would odd-numbered releases ever be excercized in a meaningful way? Speaking as an engineer (and not a practitioner), I can't help but wonder if this would imply something like the FDA approval process, with clinical trials and all.
--- Adrian Midgley <[EMAIL PROTECTED]> wrote: > Generically, what would an open source medical system require in > order to maintain HIPAA compliance? > -- > From one of the Linux desktops of Dr Adrian Midgley > http://www.defoam.net/ > ===== Greg Woodhouse [EMAIL PROTECTED] It is better to be complex than complicated.
