Here is the link to the HIPPA specs for those of you wanting some bed-time reading:
http://aspe.os.dhhs.gov/admnsimp/ Troy Sosamon ===== Original Message from [EMAIL PROTECTED] at 7/12/02 9:30 am >BINGO!!!!!!!!!!!! > >And you know, it's not too "new". It's coming and the scary part about >it is, I am having to re-examine all of my applications and how many >tiers of security I have on them. You basically can NOT have a piece of >paper with their name on it alone if it has anything to do with their >personal person as to who they are or their health status. > >HIPPA is going to be a Y2K with no clear definitions. Some of the >security regs alone are going to put people like us in 80 hour a week >jobs I am afraid. > >Well, glad to know someone out there is swimmy headed along with me. > > > >Steve Campbell >OU Physicians >Internet Software Developer/Web Manager >University of Oklahoma Health Sciences Center >800 Northeast 15th Street >ROB #601 >Oklahoma City, Oklahoma 73172 > > > > CONFIDENTIALITY NOTICE: This e-mail, including any attachments, >contains information from The University of Oklahoma College of >Medicine, which may be confidential or privileged. The information is >intended to be for the use of the individual or entity named above. If >you are not the intended recipient, be aware that any disclosure, >copying, distribution or use of the contents of this information is >prohibited. > >If you have received this email in error, please notify the sender >immediately by "reply to sender only" message and destroy all electronic >and hard copies of the communication, including attachments. > >-----Original Message----- >From: Mark Bushaw [mailto:[EMAIL PROTECTED]] >Sent: Friday, July 12, 2002 10:13 AM >To: Multiple recipients of list witango-talk >Subject: Re: Witango-Talk: One more! > >My wife works in an HR department. I have heard a little about HIPPA >regulations. > The thing that really struck me was when she said there could be no >piece of >paper in any file with both a name and a social security number on it. >This >legislation is still too new, and many of the requirements still have to >go thru the >court system to determine compliance, but it is scaring the heck out of >me as I try >to design a database and program for employee tracking and scheduling >for a >new company. >Mark Bushaw > >On 12 Jul 2002 at 10:50, Dan Stein wrote: > >> Just to second that. I think the HIPPA guidelines actually require two >> levels or more of security so I am not sure the traditional login >system >> works. It may be different for data not transmitted across the >internet, but >> I would suggest a careful reading of the guidelines is in order. >> >> When JCHH comes around next year I am sure this is one of the things >they >> will look at. >> >> Dan >> >> -- >> Dan Stein >> Digital Software Solutions >> 799 Evergreen Circle >> Telford PA 18969 >> Land: 215-799-0192 >> Mobile: 610-256-2843 >> Fax 413-410-9682 >> FMP, WiTango, EDI,SQL 2000 >> [EMAIL PROTECTED] >> www.dss-db.com >> >> >> > From: Jason Pamental <[EMAIL PROTECTED]> >> > Reply-To: [EMAIL PROTECTED] >> > Date: Fri, 12 Jul 2002 09:46:56 -0400 >> > To: Multiple recipients of list witango-talk ><[EMAIL PROTECTED]> >> > Subject: Re: Witango-Talk: One more! >> > >> > Steve, >> > >> > This has certainly been an interesting thread - a lot of great ideas >have >> > been presented. One thing that got lost initially though is the >point of >> > needing the security: HIPAA regulations. The whole point of them is >to >> > provide security and privacy of medical records. Allowing doctors to >do an >> > end-run around having to log in with unique information defeats the >purpose >> > of the regulations. this exposes the patient's private medical >information >> > (and here is the point to bring up with hospital administration) >exposes the >> > hospital or medical group to HUGE liabilities and other legal >consequences. >> > >> > It may be beyond your control, but you might find that the >possibility of >> > lawsuits might make it suddenly more palatable for the doctors to >have to >> > 'lower themselves' to remembering passwords to log into the systems. >> > (although a bar-code added to the id badge they probably already >have would >> > be a nice solution as well). >> > >> > Just a little more fuel for the fire... >> > >> > Jason >> > >> >>> >> >>>> >> >>>> One more question. What can you capture without the user knowing >it's >> >>>> being captured. I know you can do normal stuff like, where they >came >> >>>> from, how long and that type of data, but, is there anyway to >capture >> >>>> their email address somehow without them knowing it? >> >>>> >> >>>> Any ideas? >> >>>> >> >>>> Steve >> > >> > -- >> > ____________________________________________________________________ >> > >> > Jason Pamental, President [EMAIL PROTECTED] >> > >> > Bathysphere Digital Media Services, Inc. http://bathyspheredms.com >> > ____________________________________________________________________ >> > >> > Tel: 401.490.6830 Fax: 401.490.6831 >> > ________________________________________ >> > >> > >________________________________________________________________________ >> > TO UNSUBSCRIBE: send a plain text/US ASCII email to >[EMAIL PROTECTED] >> > with unsubscribe witango-talk in the message body >> > >> >> >________________________________________________________________________ >> TO UNSUBSCRIBE: send a plain text/US ASCII email to >[EMAIL PROTECTED] >> with unsubscribe witango-talk in the message body > > >________________________________________________________________________ >TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] > with unsubscribe witango-talk in the message body >________________________________________________________________________ >TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] > with unsubscribe witango-talk in the message body ________________________________________________________________________ TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] with unsubscribe witango-talk in the message body
