Questions in regard to Security/Privacy

[Richard Smith]

I would like to know how the privacy & security act under HIPAA will impact our
current systems today? I support POS card/swipe machines that dialup (via an
async/sync modem) over the public telephone system into a server that is
connected to a private network. These machines (terminals) are located through
out the USA in Provider offices, clinics and hospitals. The dialup protocol
(VISA) is the same protocol that the financial processors use today doing
credit/debit transactions. Are there any issues that I need to be concerned
about from the terminal point of view?

The second part of my question, I would like to know how the privacy & security
act under HIPAA will impact POS card/swipe machines that dialup (via an
async/sync modem) over the public telephone system into a ISP that is connected
to the Internet.  These machines (terminals) are located through out the USA in
Provider offices, clinics and hospitals. The dialup protocol will be either VISA
or PPP (Point-to Point). Are there any issues that I need to be concerned about
from the terminal point of view?

---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions 
on this listserv therefore represent the views of the individual participants, and do 
not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If 
you wish to receive an official opinion, post your question to the WEDI SNIP Issues 
Database at http://snip.wedi.org/tracking/.   These listservs should not be used for 
commercial marketing purposes or discussion of specific vendor products and services.  
They also are not intended to be used as a forum for personal disagreements or 
unprofessional communication at any time.

You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at 
http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the 
address subscribed to the list, please use the Subscribe/Unsubscribe form at 
http://subscribe.wedi.org

RE: Questions in regard to Security/Privacy

[Richard Smith]

The Transactions that these POS terminals will be supporting are HealthCare 
transactions - 270/271, 277/275, 835, 837 etc...
Where can I find more information about the TCS rule?

Thanks,
Richard

-Original Message-
From: Catherine Lohmeier [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 27, 2003 4:08 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: Questions in regard to Security/Privacy


I don't see these POS terminals being affected by HIPAA if in fact
they are doing a financial transaction...ie patient is making a
payment for services rendered(paying the co-pay with a credit card).

Now, there is a network of POS terminals that do eligibility checks
and referrals etc..these terminals are conducting transactions for
which a standard has been defined and are therefore subject to the
HIPAA TCS rule.  The use of these POS terminals qualify the provider
as a Covered Entity which in turn makes the provider subject to the
Privacy and Security Rule.

Any other opinions or observations?

CL
 Original Message 
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: RE: Questions in regard to Security/Privacy
Date: Thu, 27 Feb 2003 09:52:59 -0800

>I would like to know how the privacy & security act under HIPAA will
>impact our
>current systems today? I support POS card/swipe machines that dialup
>(via an
>async/sync modem) over the public telephone system into a server that
>is
>connected to a private network. These machines (terminals) are
>located through
>out the USA in Provider offices, clinics and hospitals. The dialup
>protocol
>(VISA) is the same protocol that the financial processors use today
>doing
>credit/debit transactions. Are there any issues that I need to be
>concerned
>about from the terminal point of view?
>
>The second part of my question, I would like to know how the privacy
>& security
>act under HIPAA will impact POS card/swipe machines that dialup (via
>an
>async/sync modem) over the public telephone system into a ISP that is
>connected
>to the Internet.  These machines (terminals) are located through out
>the USA in
>Provider offices, clinics and hospitals. The dialup protocol will be
>either VISA
>or PPP (Point-to Point). Are there any issues that I need to be
>concerned about
>from the terminal point of view?
>
>---
>The WEDI SNIP listserv to which you are subscribed is not moderated.
>The discussions on this listserv therefore represent the views of the
>individual participants, and do not necessarily represent the views
>of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive
>an official opinion, post your question to the WEDI SNIP Issues
>Database at http://snip.wedi.org/tracking/.   These listservs should
>not be used for commercial marketing purposes or discussion of
>specific vendor products and services.  They also are not intended to
>be used as a forum for personal disagreements or unprofessional
>communication at any time.
>
>You are currently subscribed to wedi-privacy as:
>[EMAIL PROTECTED]
>To unsubscribe from this list, go to the Subscribe/Unsubscribe form
>at http://subscribe.wedi.org or send a blank email to
>[EMAIL PROTECTED]
>If you need to unsubscribe but your current email address is not the
>same as the address subscribed to the list, please use the
>Subscribe/Unsubscribe form at http://subscribe.wedi.org

Catherine Lohmeier
Sr. Business Consultant
PCI: e-commerce for healthcare
ph. 402-304-1918
www.hipaasurvival.com

---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions 
on this listserv therefore represent the views of the individual participants, and do 
not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If 
you wish to receive an official opinion, post your question to the WEDI SNIP Issues 
Database at http://snip.wedi.org/tracking/.   These listservs should not be used for 
commercial marketing purposes or discussion of specific vendor products and services.  
They also are not intended to be used as a forum for personal disagreements or 
unprofessional communication at any time.

You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at 
http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the 
address subscribed to the list, please use the Subscribe/Unsubscribe form at 
http://subscribe.wedi.org