Developers and HIPAA

Submitted by

virtual job board interpreter services

Healthcare providers place requests for interpreter services on a web portal that the state agency leases from a private vendor. Interpreters then log into the web portal to fish for appointments. They can access the web portal from their computers or mobile devices and do so frequently at public places such as coffee houses, libraries, waiting rooms, etc. where there is no expectation of privacy. All appointments are ...more »

Voting

1 vote
1 up votes
0 down votes

Developers and HIPAA

Submitted by

How granular should logs be in saving access-to-PHI events?

As a software developer in the role of business associate I have read about what needs to be captured and stored by software that handles PHI for a covered entity. To be a good vendor, we want to provide our customer the requisite log data about user credentialing (adds, permissions, changes, disables, deletes), and about PHI activity within our software product. We currently log all changes to PHI made by our product. ...more »

Voting

1 vote
1 up votes
0 down votes

Developers and HIPAA

Submitted by

How to handle old emails

I'm a web designer and have a client who has recently become hipaa compliant concerning his handling of email. He needed me to search his old emails from about 6 years ago for a certain file. Though he no longer uses that email address, the emails were still in webhosts database, and they were never hipaa compliant. He was wondering if he should just delete those old emails, since they are not hipaa compliant we thought ...more »

Voting

1 vote
1 up votes
0 down votes

Developers and HIPAA

Submitted by

Surveillance Cameras and HIPAA

The mental health organization I am working with wants to install cameras in an area where people receive services (so they are identified by face and as being in need of the service provided). The organization will have an app to monitor camera activity etc but they want an existing telecommunications company to install and maintain the cameras and the video/images. The company they have chosen has never and will not ...more »

Voting

1 vote
1 up votes
0 down votes

Developers and HIPAA

Submitted by

iOS keychains for saving pass/access token is HIPAA complaint?

I am building a mobile application to facilitate the patients and I am accessing the PHI through RESTful web apis.

I want to clarify one thing that I surfed a lot on google recently is, if I save patient's password or access token for re-authentication in iOS keychains, then may I consider this approach or this would be vulnerable to save the passwords in iOS keychains and violates HIPAA compliance act?

Voting

1 vote
1 up votes
0 down votes

Developers and HIPAA

Submitted by

Is a state-run MMJ registry a covered entity?

Is a state-run medical marijuana patient registry a covered entity? The Florida registry includes identifiable patient personal information and MMJ "prescription" information that is passed from the physician, to the DOH, to dispensing retail locations. Any physician, law enforcement officer, or retail location employee can find and view any patient's information. Here is the Florida physician user manual: http://www.flhealthsource.gov/ommu/forms/registry-user-guide-physician.pdf ...more »

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

Submitted by

Is my App following acceptable security protocol through HIPPA?

I email addresses of the users of the app, which are all doctors not patients, for authentication purposes. The application uses SSL encryption for transmission of data between a user's phone and the backend servers. The data is not currently encrypted on the server, but will become encrypted in a future version. Security around the data is restricted such that a user can only access their own data and is not accessible ...more »

Voting

2 votes
2 up votes
0 down votes

Developers and HIPAA

Submitted by

Whether App is transmitting and storing PHI?

I have mobile application for tracking physician compensation, and I'm not sure if it contains data points separately or together which would be considered PHI under HIPAA. The application is designed to help a physicians track procedures they perform. This app helps doctors keep tabs on their case log. The information collected is date of case, age of patient (but range, i.e age 1-5), date billing was submitted, diagnoses ...more »

Voting

1 vote
1 up votes
0 down votes

Developers and HIPAA

Submitted by

online social communities sponsored by a covered entity

We are a covered entity, and developing an online education program for a medical condition. Only registered/approved users are able to join view pages. So it may be assumed that a user has the medical condition, but the site does not require that users identify themselves to others. Users will have the option to enter PHI in a secured profile (hipaa compliant...), but can elect not to enter any info. The users will ...more »

Voting

1 vote
1 up votes
0 down votes

Developers and HIPAA

Submitted by

HIPAA E-Signature Compliance

We are developing an iOS App that will be used by a collaborative group of agencies that provide care services to members of the community. Most agencies are Medicaid paid related but the cooperative includes non-healthcare community agencies that are 'referral partners'. If a member of a participating agency engages a member of the community that needs some form of care, the agency uses our App to complete a Referral ...more »

Voting

1 vote
1 up votes
0 down votes