HIPAA

The Health Insurance Portability and Accountability Act of 1996 (HIPAA; Pub.L. 104–191, 110 Stat. 1936, enacted August 21, 1996) was enacted by the United States Congress and signed by President Bill Clinton in 1996. It has been known as the Kennedy–Kassebaum Act or Kassebaum–Kennedy Act after two of its leading sponsors. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello - we need to send some encrypted emails for only a few users for HIPAA requirements. What do you recommend?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE
LVL 4
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Which site do you recommend the easiest way to get HIPPA certified.

site that gives you a the training and exam.
0
I am mapping a HIPAA 837 EDI to a database table.  I need to put thing such as patient first name, last name, and middle initial from the independent fields in the EDI file to one field in the database table separated by a semi-colon.  So I have this:

concat screenshot
Which doesn't work AT ALL.  I can map the individual field, such as Name Last or Organization Name over to Patient name by itself and that works fine.  But concat gives me nothing.  When running the debugger, the resulting SQL statement literally says:

INSERT INTO [dbo].[mytable] ([PatientName]) VALUES ((CAST(NULL AS varchar(255))))

It's like Altova isn't even trying.  Any ideas?  Concat is one of the main things I need to do.

JamesNT
0
Patients in clinic need to be able to type their name and chief complaint into a spreadsheet or database at a kiosk, but they can't see any data that has been entered previously, for HIPAA reasons (can't see another patient's name or complaint).  All the data needs to be viewable by the registrar so they will know who is in the waiting room.  I've done excel spreadsheet which uses a macro to move the data from the registration spreadsheet into another spreadsheet, which is what I want.  However, I don't know how to make it so the spreadsheet is not accessible by the person standing at the kiosk.
0
Hello Experts,

This is probably a dumb question, but I have never worked with a text matching tool before (other that find and replace) and need guidance.

I need to complete a data discovery on sensitive information - mainly PII and/or PHI (flat files, NAS shares, endpoints).

The software that I have looked at, dtSearch and FileLocator Pro both say they can find this data. I only see the option to type in a word or a phrase at a time.

Can you please tell my how to set up products like these to  search for any PII or PHI? Are there dictionaries to purchase separately or something?

Thank you,
Steph M
0
A blue line appears on the screen when viewing documents scanned in from a Dell 3465dn printer.  This happens intermittently and I am unable to reproduce the issue with any regularity.  Checked 9 documents, all scanned within a few hours before I found one with the line on it.  This printer is B&W only and I have received no complaints of the line appearing on prints but the main document scanned is rarely printed out.  I wish I could post an example, but I work for a medical company and doing so would be a clear violation of HIPPA regulations.  Just wondering if anyone has any ideas on what could be causing this.  The scanner bed is clean and there are no scratches.
0
Currently looking for suggestion on a video conferencing unit that would be used in a health care environment, it needs to be in compliance with HIPPA and Unit has to be a standalone unit with no subscription cost.
0
Dear experts,

I am supporting a few small dental offices that host the dental application server in house.

Some of this clients  do not have a way to fire up the server that they depend on once there is a hardware failure.

Today a power supply went bad and they are without their application until wednesday.

In other locations you can restore a virtual machine server from a  backup job  from storage.

No such thing here. What is the best solution in case they need a loaner or a image restore program?

Thanks, M
0
3
I have a client who wants a HIPAA security audit done for her very small medical practice. I've downloaded the toolkit, and understand what needs to get done. But I've no idea how to charge for it. Her practice is really small - just her (the practitioner) and a secretary. Not a whole lot of money. I need to set this up such that it's worth my time, but she can also afford it. Any suggestions on pricing models for this?
0
Ransomware Attacks Keeping You Up at Night?
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

I need to calculate exact age from today.  It must be in T-SQL I can not create a store procedure or function.  Another twist is the date as stored in a Varchar(255) type.   It has a format like  YYYY-mm-dd  ex 1971-02-12.  The database is SQL 2005.

Thank You
0
OnPage: Incident management and secure messaging on your smartphone
0
We are discussing a potential partnership around a project that would involve patients taking photos with a smart phone app.  Photos would be shared with a central data repository and analysed by a team of researchers and I have concerns about data security.  I'm worried about how data is protected, how they handle private info and private images, etc...  do you know how we may go about reviewing their systems to be comfortable that they are okay? Is it possible to hire an auditor for HIPAA compliance? Are there any other concerns that need to be brought up?

thank you so much!
0
Hello,

Are there any best practices out there when it comes to granting a vendor an 'admin level' domain user login in a HIPAA environment, that will either have it expire, not require a change in password, or other features?
0
Greetings.

We have a client who needs to be HIPAA compliant, however their recently built website by an outside agency includes form submissions with fields requesting personal information. We have expressed concerns regarding HIPAA in regards to their newly built Wordpress site and have requested that the forms be taken down until a compliant solution is found.

The client is adamant that they need to have such submissions for their business, however what is being gathered in the forms include social security numbers, etc... The advertising agency that built the site also has no concerns regarding HIPAA - nor would they be expected to.

Is there a recommended solution to work with Wordpress that will satisfy HIPAA compiance?

Thanks
0
Greetings.

We have a client who needs to be HIPAA compliant, but wants to start using Skype for Business. While we can't always control what may or may not be in the background while an end user is having a Skype conversation, we'd like to inquire if there are any security concerns with the platform itself in regards to security and HIPAA compliance.

Any input or suggestions will be most appreciated.

Thanks
0
Greetings.

We are managing an environment that has 52 laptops running Windows 7 Professional. All of the laptops have been encrypted using TrueCrypt in an attempt to be HIPAA compliant. The problem with this solution is that each time the system is rebooted the end user needs to enter the encryption password before the system will boot. In consideration of patch management and the occasional application install this makes the process more time consuming.

Is there a way that we can still have drive encryption in place but still be able to reboot and connect to the affected system? We are remotely managing these systems using Continuum's patch management and monitoring solution. Unfortunately I do not see an encryption option with their package. From what I have been reading some users who also need to be HIPAA compliant have reported that TrueCrypt doesn't always pass an audit because there's no reporting.

At this point we are more interested in making sure security updates can be applied and maintenance can be run, but also need an encryption solution that will still allow us to reconnect after reboot.

Any suggestions will be most appreciated.

Thanks
0
An overview of HIPAA and guidance on this topic that Experts Exchange members can offer.
1
 
LVL 17

Expert Comment

by:Kyle Santos
Comment Utility
Thank you for writing this.  (HIPAA is an official topic now. :) )
0
Hello folks,

The problem: Imagine an insecure website (is not https), that collects new customer information via electronic forms which will contain HIPAA protected data by the time 'Submit' is clicked. I have been tasked with helping a customer modify their practices, at least in the narrow capacity I just detailed, to become HIPAA compliant.

Gsuite or Wordpress plug-ins have been mentioned as possible avenues, but I'm still at the 'I don't know enough to ask intelligent questions' stage. HIPAA is such a broad and complex topic, search results are overwhelming. I also believe that securing the collection of information is just the tip of the iceberg.

I'm surely not the first person to encounter this. Any suggestions on a coherent and focused approach to this problem would be greatly appreciated.

Thank you in advance!
0
I recently picked-up a small medical clinic as a new client.  I'm looking for a HIPAA compliant access point that I can recommend to them to replace their current (very non-compliant) one.  They have about 10 users. They've been running just about everything on WiFi for quite some time, but I'll be running cable to get their primary PCs off wireless.  So, probably 4 laptops and a few phones will need WiFi access once all is said and done.  

Thanks for any suggestions.

Tom
0

HIPAA

The Health Insurance Portability and Accountability Act of 1996 (HIPAA; Pub.L. 104–191, 110 Stat. 1936, enacted August 21, 1996) was enacted by the United States Congress and signed by President Bill Clinton in 1996. It has been known as the Kennedy–Kassebaum Act or Kassebaum–Kennedy Act after two of its leading sponsors. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.

Top Experts In
HIPAA
<
Monthly
>