Re: HIPPA measures to comply

["Gary Kuznitz" <docfxit@xxxxxxxxxxxx>]

Hi Dan,

Since I was just told today that we need to comply I am trying to figure out 
how 
unprepared we are.  So far my understanding is there is a lot that effects 
every 
person in a hospital or dentist office.  I am trying to discover how much that 
really 
effects us.

Thank you,

Gary Kuznitz

PS:  Are there any people on this list associated with the health care industry?

On 27 May 2003 at 11:32, Dan (Dan <midrange-l@xxxxxxxxxxxx>) commented about 
Re: HIPPA measures to comply :
> Hi Gary,
> 
> I was very briefly in an environment where there was software development 
> going
> on for medical billing software.  I cannot speak with authority to the 
> questions
> you raise.  Based on my exposure to what was coming down the pike though, if 
> you
> are asking these kind of questions now, you are likely woefully unprepared for
> the HIPAA requirements.  Don't take that as an insult.  But, truly, this isn't
> just a policy change of encrypting SSNs.  I believe they give whole-week
> seminars on HIPAA; it isn't an afternoon hunkering down with a newsletter.  
> But
> then, what would you expect from new government regulations?  ;-)
> 
> BTW, I am all for more privacy, esp. when it comes to medical history.  But I
> understand (without fully understanding HIPAA) that there may be instances
> (exclusions?) in the new regs that allow doctors and clinics to make your
> medical history available to outsiders even when it is not warranted; 
> supposedly
> they do this by giving you a form to sign that begins with something like 
> "HIPAA
> requires us to notify you... blah, blah, blah."  At the end of the document, 
> you
> are asked to sign it to "verify" that you have read this and understand it 
> blah,
> blah, blah.  When, in fact, you could be giving them carte blanche to 
> distribute
> this information you are trying so hard to keep private.  Personally, I would
> never sign a document that is supposedly a "verify that you read this"
> signature.
> 
> Oh, and why is it that SSNs are *STILL* printed on most health insurance 
> cards? 
> Does anyone know if HIPAA addresses that?  We're told not to carry our social
> security card with us, but nearly everyone of us does, in the form of a health
> insurance card.
> 
> - Dan
> 
> --- Gary Kuznitz <docfxit@xxxxxxxxxxxx> wrote:
> > Hi,
> > 
> > I wonder if any would share the steps they have gone through in IT 
> > to comply with HIPPA.  
> > 
> > I realize some people are encoding the SSN in all files.  Is this 
> > mandatory or is it only done if there is more than one person 
> > working on the AS/400 so prying eyes don't see it?
> > 
> > I understand all communication lines must be encrypted with 
> > something like VPN.
> > 
> > It's my understanding all IT personnel are supposed to sign a 
> > document about not divulging SSN info.  Where can I find this 
> > document?
> > 
> > Thank you,
> > 
> > Gary Kuznitz
> 
> 
> __________________________________
> Do you Yahoo!?
> The New Yahoo! Search - Faster. Easier. Bingo.
> http://search.yahoo.com
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To
> post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or
> change list options, visit:
> http://lists.midrange.com/mailman/listinfo/midrange-l or email:
> MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review
> the archives at http://archive.midrange.com/midrange-l.
>