§
164.530 Administrative requirements.
(c) (1)
Standard: safeguards. A covered entity must have in place appropriate
administrative, technical, and physical safeguards to protect the privacy
of protected health information.
(2)
Implementation specification: safeguards.
(I) A covered entity must reasonably safeguard protected health information from any intentional or unintentional use or disclosure that is in violation of the standards, implementation specifications or other requirements of this subpart.
We knew this was an issue, so we took the "no email to patients" approach also. In our opinion, It is just too big of a risk.
Judith Bentz-Miller
Privacy Officer
Arnett Clinic
765-448-8843
-----Original
Message-----
From: Gregory Park
[mailto:[EMAIL PROTECTED]
Sent: Monday, March 24, 2003 3:01
PM
To: WEDI SNIP Privacy Workgroup List
Subject: RE: New to
this list, have two questions.
---One follow-up question/remark/plead for public opinion to your response Deborah."...no PHI will be sent via email..." Is that now or when? Are you considering yourself at risk now because of the ruling? Just curious as I have heard others in the field drop the "PHI Email" gate immediately as soon as they understood the Security rules. Wouldn't you continue as usual and work towards a reasonable solution effective before 2005?Greg Park
Product Manager
DB Technology Inc.
Office: 800-760-4096 x117
Cell: 484-919-0392
PA Office: 610-397-0288www.dbtech.com
--------Original Message-----
From: Deborah Campbell [mailto:[EMAIL PROTECTED]
Sent: Monday, March 24, 2003 9:39 AM
To: WEDI SNIP Privacy Workgroup List
Subject: RE: New to this list, have two questions.Here's my opinion. I'd be interested if anyone has other opinions.
1) An email is unprotected as soon as it is sent over the internet. Almost anyone can intercept it. So you need to determine your risk and what you want to do to eliminate it. We have determined that no PHI will be sent via email until we have an encryption solution.2) It depends what the Case Manager is doing. If they are working "on behalf of
the insurance carrier, then they are either an employee of the carrier or a BA of the carrier. If they are doing Quality Assurance on behalf of the carrier, you are permitted to release PHI to them without the need of any contract with them (the carrier would have the contract). Check § 164.506(c)(4) of the August revisions of the Privacy Rule.Deborah
Deborah Campbell
Compliance CoordinatorDominion Dental Services, Inc.
115 South Union Street, Suite 300
Alexandria, Virginia 22314Phn: (703) 518-5000 ext. 3035
Fax: (703) 518-8849
Toll Free: 888-518-5338
Email: [EMAIL PROTECTED]*******************************************
The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized.If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful.
*********************************************************************
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 24, 2003 9:25 AM
To: WEDI SNIP Privacy Workgroup List
Subject: New to this list, have two questions.
Hello List,
I am new to this list, so please be patient with me, if I ask any questions
that have been addressed repeatedly in the past. Anyway, I am the HIPAA
Privacy Officer for a Physician's Group Practice and have just recently
finished our first round of "Privacy Training and Education" for the group.
Two questions came up that I could not answer specifically:1) Is there specific direction as to what we can and can not discuss
during
e-mails between the clinic and patient; and2) Do we need a contract between Nurse Case Manager's that come in
to our
office to discuss treatment plans with our doctors (that are
contracted
by the Insurance Carrier) and our Physician's Group to satisfy
"Business
Associate Policy" portion of our HIPAA Privacy Rule policies?I appreciate any information available. Also, please let me know if there
are other
"List-Serves" that are more specific to "Healthcare Privacy, Security &
Electronic Transactions."Thank You,
Daryl Ewing, CPC
RPK Anesthesia, P.A.---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
