Richard,
has all the Implimentation Guides and Addenda available for
download.
The big thing is that if there is a 004010-series IG for what
you're doing, you have to use it, and any provider who uses one of your
terminals is a Covered Entity, and subject to the full force of the Privacy and
Security regulations. (First up to bat, theit Notice of Privacy Practices
must be ready by April 16).
The opinions expressed here are my own and not necessarily the opinion of
LCMH.
Douglas M. Webb Computer System Engineer Little Company of Mary
Hospital & Health Care Centers [EMAIL PROTECTED]
"This electronic message may contain information that is confidential
and/or legally privileged. It is intended only for the use of the individual(s)
and entity(s) named as recipients in the message. If you are not an
intended recipient of the message, please notify the sender immediately,
delete the material from any computer, do not deliver, distribute, or copy this
message, and do not disclose its contents or take action in reliance on the
information it contains. Thank you."
----- Original Message -----
Sent: Thursday, February 27, 2003 03:31
PM
Subject: RE: Questions in regard to
Security/Privacy
The Transactions that these POS terminals will be supporting
are HealthCare transactions - 270/271, 277/275, 835, 837 etc... Where can I
find more information about the TCS
rule?
Thanks, Richard
-----Original Message----- From:
Catherine Lohmeier [mailto:[EMAIL PROTECTED] Sent:
Thursday, February 27, 2003 4:08 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject:
RE: Questions in regard to Security/Privacy
I don't see these POS
terminals being affected by HIPAA if in fact they are doing a financial
transaction...ie patient is making a payment for services rendered(paying
the co-pay with a credit card).
Now, there is a network of POS
terminals that do eligibility checks and referrals etc..these terminals are
conducting transactions for which a standard has been defined and are
therefore subject to the HIPAA TCS rule. The use of these POS
terminals qualify the provider as a Covered Entity which in turn makes the
provider subject to the Privacy and Security Rule.
Any other
opinions or observations?
CL ---- Original Message ---- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject:
RE: Questions in regard to Security/Privacy Date: Thu, 27 Feb 2003 09:52:59
-0800
>I would like to know how the privacy & security act under
HIPAA will >impact our >current systems today? I support POS
card/swipe machines that dialup >(via an >async/sync modem) over
the public telephone system into a server that >is >connected to a
private network. These machines (terminals) are >located
through >out the USA in Provider offices, clinics and hospitals. The
dialup >protocol >(VISA) is the same protocol that the financial
processors use today >doing >credit/debit transactions. Are there
any issues that I need to be >concerned >about from the terminal
point of view? > >The second part of my question, I would like to
know how the privacy >& security >act under HIPAA will impact
POS card/swipe machines that dialup (via >an >async/sync modem)
over the public telephone system into a ISP that is >connected >to
the Internet. These machines (terminals) are located through
out >the USA in >Provider offices, clinics and hospitals. The
dialup protocol will be >either VISA >or PPP (Point-to Point). Are
there any issues that I need to be >concerned about >from the
terminal point of view? > >--- >The WEDI SNIP listserv to
which you are subscribed is not moderated. >The discussions on this
listserv therefore represent the views of the >individual participants,
and do not necessarily represent the views >of the WEDI Board of
Directors nor WEDI SNIP. If you wish to receive >an official opinion,
post your question to the WEDI SNIP Issues >Database at http://snip.wedi.org/tracking/.
These listservs should >not be used for commercial marketing purposes or
discussion of >specific vendor products and services. They also
are not intended to >be used as a forum for personal disagreements or
unprofessional >communication at any time. > >You are
currently subscribed to wedi-privacy
as: >[EMAIL PROTECTED] >To unsubscribe from this
list, go to the Subscribe/Unsubscribe form >at http://subscribe.wedi.org or send a blank
email to >[EMAIL PROTECTED] >If you need
to unsubscribe but your current email address is not the >same as the
address subscribed to the list, please use the >Subscribe/Unsubscribe
form at http://subscribe.wedi.org
Catherine
Lohmeier Sr. Business Consultant PCI: e-commerce for healthcare ph.
402-304-1918 www.hipaasurvival.com
--- The
WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the individual
participants, and do not necessarily represent the views of the WEDI Board of
Directors nor WEDI SNIP. If you wish to receive an official opinion, post your
question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/.
These listservs should not be used for commercial marketing purposes or
discussion of specific vendor products and services. They also are not
intended to be used as a forum for personal disagreements or unprofessional
communication at any time.
You are currently subscribed to wedi-privacy
as: [EMAIL PROTECTED] To unsubscribe from
this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank
email to [EMAIL PROTECTED] If
you need to unsubscribe but your current email address is not the same as the
address subscribed to the list, please use the Subscribe/Unsubscribe form at
http://subscribe.wedi.org
---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
|