Thank you for the input. I was concerned because websites like www.hipaaacademy.net were claiming to be "Certified Professionals" and my company was actually thinking of sending people to the classes and I became alarmed. Thanks again.
>From: "Dennis Melamed" <[EMAIL PROTECTED]>
>Reply-To: <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
>Subject: RE: CERTIFICATION?
>Date: Wed, 15 May 2002 14:09:04 -0400
>
>HHS is not going to certify any product or individual.
>
>Moreover, you are not going to be able to hide behind someone else's
>"certification" when patients, regulators or trial attorneys come knocking.
>
>For all the regulations, the best you can hope for is that the product is
>CAPABLE of meeting the requirements of each regulation. For example, the
>Privacy Rule has generated a growing number of tools that purport to meet
>the market's need to protect patient confidentiality. So are these policies
>and procedures HIPAA compliant? Maybe. But what good does that do you if you
>don't understand them, apply them to your specific situation or enforce
>them?
>
>The best they can do is offer you tools that can enable or ease your
>compliance tasks.
>
>The same holds true for security. These products can only enable compliance.
>If you need a certain level of encryption, then a product that offers that
>level of encryption -- if you use it -- will meet the requirements of HIPAA.
>
>HIPAA compliant may be a better term to use for these products, assuming
>they do what the claim.
>
>If someone claims to be certified, take a look at who did the certifying,
>and then make a decision about the vendor. Some consulting firms have
>offered this certifying service. So what you have is a third-party
>certifying a product -- not a government entity.
>
>The most important thing to remember: Compliance is an ongoing exercise. It
>never ends. Privacy and security are ongoing responsibilities and you are
>not going to be able to take a product, insert it into your operations and
>then think you have completed your task.
>
>New technologies are going to present new security and privacy challenges.
>These will necessarily require adjustments on your part as well.
>
>Hope this helps,
>Dennis Melamed
>Editor
>Health Information Privacy Alert
>(202) 296-3069
>
>
>
>
>
>
>
>
>
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, May 15, 2002 1:38 PM
>To: [EMAIL PROTECTED]
>Cc: [EMAIL PROTECTED]
>Subject: Re: CERTIFICATION?
>
>
>
>
>
>REF: Certification
>
>Are you speaking of individuals ? Or, products ?
>
>
>David Sweigert, M.S., CISSP
>State IT Security Policy Officer
>Office of Statewide IT Policy
>Computer Services Division
>http://www.ohio.gov/itp
>
>
>
> "Kerri Stone"
> <[EMAIL PROTECTED] DIV < [EMAIL PROTECTED] To:>> m> cc:
> Subject: CERTIFICATION?
> 05/15/2002 12:31
> PM
>
>
>
>
>
>
>
>
>Hello. I am not sure if this has been discussed or not, but I have been
>looking at a number of websites where people claim to do "certification" of
>HIPAA compliance. And even a few claim to have been certified by their
>respective states, or even the federal government. I thought there was no
>such thing as official HIPAA certification. I was under the impression it
>was self-certification. Am I wrong? I would appreciate any feedback.
>Thank you.
>
>Sincerely,
>Kerri Stone
>HIPAA Project Manager
>SCB Computer Technology
>(954) 234-3569
>[EMAIL PROTECTED]
>
>Get your FREE download of MSN Explorer at http://explorer.msn.com.
>
>**********************************************************************
>To be removed from this list, go to:
>http://snip.wedi.org/unsubscribe.cfm?list=privacy
>and enter your email address.
>
>
>
>
>
>**********************************************************************
>To be removed from this list, go to:
>http://snip.wedi.org/unsubscribe.cfm?list=privacy
>and enter your email address.
>
>
>
>**********************************************************************
>To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy
>and enter your email address.
>
Join the world�s largest e-mail service with MSN Hotmail.
To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy
