Developers and HIPAA

Submitted by

How to handle old emails

I'm a web designer and have a client who has recently become hipaa compliant concerning his handling of email. He needed me to search his old emails from about 6 years ago for a certain file. Though he no longer uses that email address, the emails were still in webhosts database, and they were never hipaa compliant. He was wondering if he should just delete those old emails, since they are not hipaa compliant we thought ...more »

Voting

1 vote
1 up votes
0 down votes

Developers and HIPAA

Submitted by

Data Recording

I am a student creating an app for school project. I was wondering if I have to be HIPAA compliant. I am creating an app, where diabetics can store their glucose and calculate insulin dosage. None of the information will be sent to hospitals or physicians. How would HIPAA work in this case? Thank you ahead.

Voting

3 votes
3 up votes
0 down votes

Developers and HIPAA

Submitted by

Hospital Outpatient Pharmacy Notice of Privacy Practices

If a patient acknowledges receipt of a Notice of Privacy Practices when admitted to a Hospital, does the Hospital-owned outpatient pharmacy using the same electronic software have to provide a second Notice and obtain patient acknowledgement again? Can the original notice cover all outpatient departments under Hospital ownership?

Voting

3 votes
3 up votes
0 down votes

Developers and HIPAA

Submitted by

HIPAA Program Compliance Manger

This was addressed on your old FAQ page for a number of years and it seems to have disappeared. Can "open format" postcards still be used to remind patients of upcoming appointments as long as HIPAA's minimum necessary standard is observed? Something like, "Dear Sue, We would like to remind you of your upcoming appointment on Tuesday, September 12th at 2:20 pm"?

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

Submitted by

Health Information Systems and HIPAA Compliance

We're a non profit organisation seeking to deploy an open-source health management application for use. We classify as a Business Associate as we provide services for a health care provider under HIPAA. We urgently need to know what exactly are the requirements a health information system needs to meet in order to satisfy HIPAA. It would be helpful to know if there's some document or checklist to work with. We'd also ...more »

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

Submitted by

Ransomeware Attack

I just heard that a practice in our area had a ransomware attack. Based upon their investigation their manager stated that the hacker did not get access to the PHI data and therefore did not need to report to patients or the Dept. of HHS. I question their judgement since I'm not certain if they can tell even tell if the only thing the hacker did was lock them out access to their patient PHI and didn't also create an ...more »

Voting

-1 votes
0 up votes
1 down votes

Developers and HIPAA

Submitted by

Unencrypted Text without PHI?

Can a provider, or business associate acting on behalf of a provider, send an unencrypted text or email to a patient if the initial message does not contain protected health information and the patient requested the communication? If so, can the patient give the provider consent to use a third-party mailing service, even if the provider (or business associate of the provider) does not have a business associate agreement ...more »

Voting

1 vote
1 up votes
0 down votes