BINGO!!!!!!!!!!!! And you know, it's not too "new". It's coming and the scary part about it is, I am having to re-examine all of my applications and how many tiers of security I have on them. You basically can NOT have a piece of paper with their name on it alone if it has anything to do with their personal person as to who they are or their health status.
HIPPA is going to be a Y2K with no clear definitions. Some of the security regs alone are going to put people like us in 80 hour a week jobs I am afraid. Well, glad to know someone out there is swimmy headed along with me. Steve Campbell OU Physicians Internet Software Developer/Web Manager University of Oklahoma Health Sciences Center 800 Northeast 15th Street ROB #601 Oklahoma City, Oklahoma 73172 CONFIDENTIALITY NOTICE: This e-mail, including any attachments, contains information from The University of Oklahoma College of Medicine, which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this email in error, please notify the sender immediately by "reply to sender only" message and destroy all electronic and hard copies of the communication, including attachments. -----Original Message----- From: Mark Bushaw [mailto:[EMAIL PROTECTED]] Sent: Friday, July 12, 2002 10:13 AM To: Multiple recipients of list witango-talk Subject: Re: Witango-Talk: One more! My wife works in an HR department. I have heard a little about HIPPA regulations. The thing that really struck me was when she said there could be no piece of paper in any file with both a name and a social security number on it. This legislation is still too new, and many of the requirements still have to go thru the court system to determine compliance, but it is scaring the heck out of me as I try to design a database and program for employee tracking and scheduling for a new company. Mark Bushaw On 12 Jul 2002 at 10:50, Dan Stein wrote: > Just to second that. I think the HIPPA guidelines actually require two > levels or more of security so I am not sure the traditional login system > works. It may be different for data not transmitted across the internet, but > I would suggest a careful reading of the guidelines is in order. > > When JCHH comes around next year I am sure this is one of the things they > will look at. > > Dan > > -- > Dan Stein > Digital Software Solutions > 799 Evergreen Circle > Telford PA 18969 > Land: 215-799-0192 > Mobile: 610-256-2843 > Fax 413-410-9682 > FMP, WiTango, EDI,SQL 2000 > [EMAIL PROTECTED] > www.dss-db.com > > > > From: Jason Pamental <[EMAIL PROTECTED]> > > Reply-To: [EMAIL PROTECTED] > > Date: Fri, 12 Jul 2002 09:46:56 -0400 > > To: Multiple recipients of list witango-talk <[EMAIL PROTECTED]> > > Subject: Re: Witango-Talk: One more! > > > > Steve, > > > > This has certainly been an interesting thread - a lot of great ideas have > > been presented. One thing that got lost initially though is the point of > > needing the security: HIPAA regulations. The whole point of them is to > > provide security and privacy of medical records. Allowing doctors to do an > > end-run around having to log in with unique information defeats the purpose > > of the regulations. this exposes the patient's private medical information > > (and here is the point to bring up with hospital administration) exposes the > > hospital or medical group to HUGE liabilities and other legal consequences. > > > > It may be beyond your control, but you might find that the possibility of > > lawsuits might make it suddenly more palatable for the doctors to have to > > 'lower themselves' to remembering passwords to log into the systems. > > (although a bar-code added to the id badge they probably already have would > > be a nice solution as well). > > > > Just a little more fuel for the fire... > > > > Jason > > > >>> > >>>> > >>>> One more question. What can you capture without the user knowing it's > >>>> being captured. I know you can do normal stuff like, where they came > >>>> from, how long and that type of data, but, is there anyway to capture > >>>> their email address somehow without them knowing it? > >>>> > >>>> Any ideas? > >>>> > >>>> Steve > > > > -- > > ____________________________________________________________________ > > > > Jason Pamental, President [EMAIL PROTECTED] > > > > Bathysphere Digital Media Services, Inc. http://bathyspheredms.com > > ____________________________________________________________________ > > > > Tel: 401.490.6830 Fax: 401.490.6831 > > ________________________________________ > > > > ________________________________________________________________________ > > TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] > > with unsubscribe witango-talk in the message body > > > > ________________________________________________________________________ > TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] > with unsubscribe witango-talk in the message body ________________________________________________________________________ TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] with unsubscribe witango-talk in the message body ________________________________________________________________________ TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] with unsubscribe witango-talk in the message body
