My wife works in an HR department. I have heard a little about HIPPA regulations. The thing that really struck me was when she said there could be no piece of paper in any file with both a name and a social security number on it. This legislation is still too new, and many of the requirements still have to go thru the court system to determine compliance, but it is scaring the heck out of me as I try to design a database and program for employee tracking and scheduling for a new company. Mark Bushaw
On 12 Jul 2002 at 10:50, Dan Stein wrote: > Just to second that. I think the HIPPA guidelines actually require two > levels or more of security so I am not sure the traditional login system > works. It may be different for data not transmitted across the internet, but > I would suggest a careful reading of the guidelines is in order. > > When JCHH comes around next year I am sure this is one of the things they > will look at. > > Dan > > -- > Dan Stein > Digital Software Solutions > 799 Evergreen Circle > Telford PA 18969 > Land: 215-799-0192 > Mobile: 610-256-2843 > Fax 413-410-9682 > FMP, WiTango, EDI,SQL 2000 > [EMAIL PROTECTED] > www.dss-db.com > > > > From: Jason Pamental <[EMAIL PROTECTED]> > > Reply-To: [EMAIL PROTECTED] > > Date: Fri, 12 Jul 2002 09:46:56 -0400 > > To: Multiple recipients of list witango-talk <[EMAIL PROTECTED]> > > Subject: Re: Witango-Talk: One more! > > > > Steve, > > > > This has certainly been an interesting thread - a lot of great ideas have > > been presented. One thing that got lost initially though is the point of > > needing the security: HIPAA regulations. The whole point of them is to > > provide security and privacy of medical records. Allowing doctors to do an > > end-run around having to log in with unique information defeats the purpose > > of the regulations. this exposes the patient's private medical information > > (and here is the point to bring up with hospital administration) exposes the > > hospital or medical group to HUGE liabilities and other legal consequences. > > > > It may be beyond your control, but you might find that the possibility of > > lawsuits might make it suddenly more palatable for the doctors to have to > > 'lower themselves' to remembering passwords to log into the systems. > > (although a bar-code added to the id badge they probably already have would > > be a nice solution as well). > > > > Just a little more fuel for the fire... > > > > Jason > > > >>> > >>>> > >>>> One more question. What can you capture without the user knowing it's > >>>> being captured. I know you can do normal stuff like, where they came > >>>> from, how long and that type of data, but, is there anyway to capture > >>>> their email address somehow without them knowing it? > >>>> > >>>> Any ideas? > >>>> > >>>> Steve > > > > -- > > ____________________________________________________________________ > > > > Jason Pamental, President [EMAIL PROTECTED] > > > > Bathysphere Digital Media Services, Inc. http://bathyspheredms.com > > ____________________________________________________________________ > > > > Tel: 401.490.6830 Fax: 401.490.6831 > > ________________________________________ > > > > ________________________________________________________________________ > > TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] > > with unsubscribe witango-talk in the message body > > > > ________________________________________________________________________ > TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] > with unsubscribe witango-talk in the message body ________________________________________________________________________ TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] with unsubscribe witango-talk in the message body
