Slashdot Mirror
Striving for HIPAA Compiance?
krisguy asks: "As a Oxygen Transfill Technician for a DME (Durable Medical Equipment - wheelchairs, oxygen, and such) company, my only regulatory problems have been with the FDA. Recently, due to good management of FDA regulations, I was appointed HIPAA security officer for my company. I looked at the 'helpful' compliance manual from our buying group, and realized that I have to try to get over twenty people who have 'limited knowledge of computers' (read: don't want to learn) to begin to use stuff like PGP, ANSI X12 codes, and having to write, train, and enforce procedure rules. To top this all off, I only have until April 14, 2003 to get most of this fully functional or forced to have the company shut down. I am wondering if any Slashdot readers in medical fields are feeling the pain of HIPAA like I am right now, and what ways can I get everyone to comply besides "You don't do it, you don't work here."?" Ask Slashdot last touched on HIPAA issues when this article which concerned itself with Windows 2000 and HIPAA issues. For those who have already hopped thru the rings that represent HIPAA compliance on an general basis, what did you have to insure was done?
Well its a lot worse than you might think. Its now illegal to send personally identifiable information via electronic means (such as email).
The net result is, in a government office dealing with MediCare or MediCaid, they can't talk about anything in email if it can be used to identify who a person is.
You can't even get updates on the status of your perscription refill by email legally any more... EVEN IF YOU AUTHORIZE IT!
Is there an computer man in the house? Ahhhh!
Friends don't help friends install M$ junk.
That FAQ is on a government site. The same government that found M$ to be an illegal monopoly is pushing Word. Ahhhh, it's like there are M$ Adverts in the Post Office and Bill Gates is electing himself leader of US minitruth.
Friends don't help friends install M$ junk.