Hi Gary,

I was very briefly in an environment where there was software development
going on for medical billing software.  I cannot speak with authority to
the questions you raise.  Based on my exposure to what was coming down the
pike though, if you are asking these kinds of questions now, you are likely
woefully unprepared for the HIPAA requirements.  Don't take that as an
insult.  But, truly, this isn't just a policy change of encrypting SSNs.
I believe they give whole-week seminars on HIPAA; it isn't an afternoon
hunkering down with a newsletter.  But then, what would you expect from
new government regulations?  ;-)

BTW, I am all for more privacy, esp. when it comes to medical history.
But I understand (without fully understanding HIPAA) that there may be
instances (exclusions?) in the new regs that allow doctors and clinics to
make your medical history available to outsiders even when it is not
warranted; supposedly they do this by giving you a form to sign that
begins with something like "HIPAA requires us to notify you... blah, blah,
blah."  At the end of the document, you are asked to sign it to "verify"
that you have read this and understand it blah, blah, blah.  When, in
fact, you could be giving them carte blanche to distribute this
information you are trying so hard to keep private.  Personally, I would
never sign a document that is supposedly a "verify that you read this"
signature.

Oh, and why is it that SSNs are *STILL* printed on most health insurance
cards?  Does anyone know if HIPAA addresses that?  We're told not to carry
our social security card with us, but nearly every one of us does, in the
form of a health insurance card.

- Dan

--- Gary Kuznitz <docfxit@xxxxxxxxxxxx> wrote:
> Hi,
> 
> I wonder if any would share the steps they have gone through in IT 
> to comply with HIPAA.
> 
> I realize some people are encoding the SSN in all files.  Is this 
> mandatory or is it only done if there is more than one person 
> working on the AS/400 so prying eyes don't see it?
> 
> I understand all communication lines must be encrypted with 
> something like VPN.
> 
> It's my understanding all IT personnel are supposed to sign a 
> document about not divulging SSN info.  Where can I find this 
> document?
> 
> Thank you,
> 
> Gary Kuznitz



This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
