Title: Winzip & password and e-mail
Carolyn, he doesn't exactly say that they are transactions.  Only PHI - if they are transactions, I completely agree with you.  If they are not, then this would be minimal protection from incidental disclosure only - until the security rule deadline requires stronger protections.
 

Tim McGuinness, Ph.D.
Consulting Specialist in Regulatory Privacy, Security, and Application Compliance (HIPAA/ASCA/FDA/CMS-HCFA/ICH/ADA 508c),
 
President,
HIPAA Help Now
 
Executive Co-Chairman for Privacy,
HIPAA Conformance Certification Organization (HCCO)
www.hcco.us

__________________________________________________________________
Phone:   727-787-3901   Cell: 305-753-4149    Fax: 240-525-1149
Instant Messengers: 
ICQ# 22396626 - MSN IM: [EMAIL PROTECTED] - Yahoo IM  timmcguinness - AOL IM:   mcguinnesstim
__________________________________________________________________

===========================================================================

IMPORTANT NOTICE: This communication, including any attachment, contains information that may be confidential or privileged, and is intended solely for the entity or individual to whom it is addressed. If you are not the intended recipient, please notify the sender at once, and you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message is strictly prohibited. Nothing in this email, including any attachment, is intended to be a legally binding signature.

-----Original Message-----
From: Price, Carolyn [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 30, 2002 4:29 PM
To: Fify Taslim; '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
Subject: RE: Winzip & password and e-mail



HIPAA mandates that all transactions sent via the web be encrypted.  Since the example you give is NOT encrypted, it is not allowed at all.
Carolyn Price
-----Original Message-----
From: Fify Taslim [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 30, 2002 11:40 AM
To: '[EMAIL PROTECTED]'; 'business@wed[i.org'; '[EMAIL PROTECTED]'
Subject: Winzip & password and e-mail



Hello all,

Thank you in advance for all your valuable the responds.
I have Privacy issue question today. Is this scenario still HIPAA compliant or not allowed at all?  Scenario: sending daily file containing member PHI through e-mail. The file are zipped [Winzip]and password protected, and no encryption were done.

Any suggestion/recommendation to HIPAA compliance are welcome.

Regards,

Fify Taslim, MD, MBA

Care1st Health Plan
Compliance Specialist/HIPAA Coordinator
Ph. (626) 299-4299 ex.376
Fx. (626) 628-3263
E-mail: [EMAIL PROTECTED]


To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=Security
and enter your email address.

The WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the individual
participants, and do not necessarily represent the views of the WEDI Board of
Directors nor WEDI SNIP. If you wish to receive an official opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/.
Posting of advertisements or other commercial use of this listserv is
specifically prohibited.


**********************************************************************
To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=Business
and enter your email address.

The WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the individual
participants, and do not necessarily represent the views of the WEDI Board of
Directors nor WEDI SNIP. If you wish to receive an official opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/.
Posting of advertisements or other commercial use of this listserv is
specifically prohibited.
BEGIN:VCARD
VERSION:2.1
N:McGuinness;Tim;;;Ph. D.
FN:Tim McGuinness Ph. D.
ORG:HIPAA Help Now Inc.
TITLE:President
TEL;WORK;VOICE:(727) 787-3901
TEL;CELL;VOICE:(305) 753-4149
TEL;WORK;FAX:(240) 525-1149
ADR;WORK;ENCODING=QUOTED-PRINTABLE:;;Corporate Office:=0D=0A1920 East Hallandale Blvd., Suite 600,;Hallandale B=
each;Florida;33009;United States of America
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Corporate Office:=0D=0A1920 East Hallandale Blvd., Suite 600,=0D=0AHallandal=
e Beach, Florida 33009=0D=0AUnited States of America
ADR;POSTAL;ENCODING=QUOTED-PRINTABLE:;;Tampa Bay Office:=0D=0A687 First Court;Palm Harbor;Florida;34684;United St=
ates of America
LABEL;POSTAL;ENCODING=QUOTED-PRINTABLE:Tampa Bay Office:=0D=0A687 First Court=0D=0APalm Harbor, Florida 34684=0D=
=0AUnited States of America
URL;WORK:http://www.hipaahelpnow.com
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
EMAIL;INTERNET:[EMAIL PROTECTED]
REV:20020906T095704Z
END:VCARD


To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=Security
and enter your email address.

<P>The WEDI SNIP listserv to which you are subscribed is not moderated.  The
discussions on this listserv therefore represent the views of the individual
participants, and do not necessarily represent the views of the WEDI Board of
Directors nor WEDI SNIP.  If you wish to receive an official opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/.
Posting of advertisements or other commercial use of this listserv is
specifically prohibited.

Reply via email to