HIPPA

[Guest guest]

I have a question. It is a practical question. I practice in Colorado. I think

that is required for patients to sign this form and for practicioners to give

this to patients. Where do I get this form? Can I buy them or make them myself?

Thank you

I really appreciate this help.

 

 

 

 

 

[Guest guest]

Hi, my understanding is that you do not need to be HIPPA compliant if you never

disclose patient information, meaning if you do NOT bill insurance. If you do

bill or exchange information electronically, you need to sign. I " ll send you my

form. You just give it to the client on the first visit and obtain a signature

that they have received it, pretty simple.

 

Regards,

Angela Pfaffenberger, Ph.D.

 

angelapfa

 

www.InnerhealthSalem.com

 

Phone: 503 364 3022

-

Yuliya Goldberg

Chinese Medicine

Thursday, November 06, 2008 4:22 PM

HIPPA

 

 

I have a question. It is a practical question. I practice in Colorado. I think

that is required for patients to sign this form and for practicioners to give

this to patients. Where do I get this form? Can I buy them or make them myself?

Thank you

I really appreciate this help.

 

[Guest guest]

Emmanuel,

When using encryption the sender encrypts with a particular

software product and the receiver uses the same product. The sender

creates a key which is forwarded to the receiver which the receiver

uses to open the encrypted message. For an example see this link

http://en.wikipedia.org/wiki/Pretty_Good_Privacy. Another

consideration for computer privacy is hacking or theft. If PHI

(personal health information) resides on a machine that is connected

to the internet that data should be behind a firewall

(software,hardware or both) otherwise it is at risk. Additionally data

should be password protected at the least to protect unattended

machines from non employees or in case of theft. I run a one man shop.

When I walk away from my machine to attend to clients after 20 minutes

I have software that automatically hides all data folders and password

protects them. See http://www.everstrike.com/. At the end of the day

after backing up I activate this software and should anyone break into

my office and steal a machine they have no access to the data as a

matter of fact they won't even see the folder on the hard drive.

Simple, easy, cheap security for your clients.

As far as US students getting in depth education in HIPPA I would say

that is not the case. If you want to educate yourself about all the

federal rules and regs that you are currently responsible for

including HIPPA I suggest you pick up a copy of David Kailin's book,

http://tinyurl.com/67fzg5

Cheers,

Michael

>

> My HIPAA computer administrator friend got back to me in quite a

cursory way. I think my question bugged him as hopelessly naive. His

response was that you can use any encryption software as long as it's

agreed upon by both sides of the electronic transmission. He noted

that your Microsoft XP Pro would have adequate capabilities. That was it.

>

> I replied back to him by asking what he meant by " agreed upon by

both sides " . It's not like you're going to have a casual conversation

with government or HMO tech support regarding the " agreed upon "

encryption software. Although maybe you are. So I'm still in the

dark at the moment. My friend has not replied back. He is in fact

the administrator for Univ. of Texas system tech support. I can see

that I'm going to have to ply him with some good tonic Chinese

formulas to get him in the mood to teach me a few things. Maybe you

will have to take one of those arduous weekend seminars. Here in the

U.S. the AAOM is developing that little cottage industry. Since

current nurse practitioners are getting in depth training in HIPAA, I

imagine current students at TCM schools are getting it, too. Or

should be.

>

> All the best,

> Emmanuel Segmen

>

> Hi Attilio,

>

> I believe the encryption software agreed upon for use by federal,

state, and local governments as well as hospitals and clinics is

unique and must be loaded. But I'm not a CS guy ... I'm biochem,

physio, anatomy, cell & molecular and genetics. You can ask me those

questions. So to get the correct answer to your question, I'll copy

to my friend who administers this software.

>

> Emmanuel Segmen

>

>

> Hi Emmanuel,

>

> I'm running XP Pro which allows you to encrypt certain areas of

your

> computer, so for example i have encrypted all my documents. Do you

> know if this encrytption software already supplied by Microsoft

with

> XP Pro, conforms to HIPAA regulations?

>

> Atti

>

[Guest guest]

I also strongly recommend David's book.

Hugo

 

" If you want to educate yourself about all the

federal rules and regs that you are currently responsible for

including HIPPA I suggest you pick up a copy of David Kailin's book,

http://tinyurl. com/67fzg5

Cheers,

Michael "

 

________________________________

Hugo Ramiro

http://middlemedicine.wordpress.com

http://www.chinesemedicaltherapies.org

 

 

 

 

 

________________________________

mpplac <inquiry

Chinese Medicine

Friday, 7 November, 2008 13:34:32

Re: HIPPA

 

 

Emmanuel,

When using encryption the sender encrypts with a particular

software product and the receiver uses the same product. The sender

creates a key which is forwarded to the receiver which the receiver

uses to open the encrypted message. For an example see this link

http://en.wikipedia .org/wiki/ Pretty_Good_ Privacy. Another

consideration for computer privacy is hacking or theft. If PHI

(personal health information) resides on a machine that is connected

to the internet that data should be behind a firewall

(software,hardware or both) otherwise it is at risk. Additionally data

should be password protected at the least to protect unattended

machines from non employees or in case of theft. I run a one man shop.

When I walk away from my machine to attend to clients after 20 minutes

I have software that automatically hides all data folders and password

protects them. See http://www.everstri ke.com/. At the end of the day

after backing up I activate this software and should anyone break into

my office and steal a machine they have no access to the data as a

matter of fact they won't even see the folder on the hard drive.

Simple, easy, cheap security for your clients.

As far as US students getting in depth education in HIPPA I would say

that is not the case. If you want to educate yourself about all the

federal rules and regs that you are currently responsible for

including HIPPA I suggest you pick up a copy of David Kailin's book,

http://tinyurl. com/67fzg5

Cheers,

Michael

>

> My HIPAA computer administrator friend got back to me in quite a

cursory way. I think my question bugged him as hopelessly naive. His

response was that you can use any encryption software as long as it's

agreed upon by both sides of the electronic transmission. He noted

that your Microsoft XP Pro would have adequate capabilities. That was it.

>

> I replied back to him by asking what he meant by " agreed upon by

both sides " . It's not like you're going to have a casual conversation

with government or HMO tech support regarding the " agreed upon "

encryption software. Although maybe you are. So I'm still in the

dark at the moment. My friend has not replied back. He is in fact

the administrator for Univ. of Texas system tech support. I can see

that I'm going to have to ply him with some good tonic Chinese

formulas to get him in the mood to teach me a few things. Maybe you

will have to take one of those arduous weekend seminars. Here in the

U.S. the AAOM is developing that little cottage industry. Since

current nurse practitioners are getting in depth training in HIPAA, I

imagine current students at TCM schools are getting it, too. Or

should be.

>

> All the best,

> Emmanuel Segmen

>

> Hi Attilio,

>

> I believe the encryption software agreed upon for use by federal,

state, and local governments as well as hospitals and clinics is

unique and must be loaded. But I'm not a CS guy ... I'm biochem,

physio, anatomy, cell & molecular and genetics. You can ask me those

questions. So to get the correct answer to your question, I'll copy

to my friend who administers this software.

>

> Emmanuel Segmen

>

>

> Hi Emmanuel,

>

> I'm running XP Pro which allows you to encrypt certain areas of

your

> computer, so for example i have encrypted all my documents. Do you

> know if this encrytption software already supplied by Microsoft

with

> XP Pro, conforms to HIPAA regulations?

>

> Atti

>

 

 

 

 

 

 

 

[Guest guest]

The HIPAA privacy and security rules are the primary areas of

compliance that most U.S. acupuncturists need to be concerned with.

Compliance is not required unless protected heath information (PHI) is

transmitted electronically. If you trigger HIPAA, you always trigger

both the privacy and security rules. Once triggered, the HIPAA

privacy rule applies to all PHI--stored in any medium--while the

security rule only applies to PHI in electronic form.

 

The patient notice of information privacy practices is only one part

of the overall requirements for complying with the HIPAA privacy

standard. The security standard imposes additional requirements for

handling PHI in electronic form.

 

If you trigger HIPAA, I'd suggest that you purchase a compliance

software package that is geared towards small and medium sized

practices. These packages contain all of the policies, forms, and

training that are typically required for compliance. You can find

them for a few hundred dollars.

 

--Bill.

--

Bill Mosca, LAc

San Francisco CA

mosca

 

On Nov 7, 2008, at 9:13 AM, Angela Pfaffenberger, PH.D. wrote:

 

> Hi, my understanding is that you do not need to be HIPPA compliant

> if you never disclose patient information, meaning if you do NOT

> bill insurance. If you do bill or exchange information

> electronically, you need to sign. I " ll send you my form. You just

> give it to the client on the first visit and obtain a signature that

> they have received it, pretty simple.

>

> Regards,

> Angela Pfaffenberger, Ph.D.

>

> angelapfa

>

> www.InnerhealthSalem.com

>

> Phone: 503 364 3022

> -

> Yuliya Goldberg

>

> Thursday, November 06, 2008 4:22 PM

> HIPPA

>

>

> I have a question. It is a practical question. I practice in

> Colorado. I think that is required for patients to sign this form

> and for practicioners to give this to patients. Where do I get this

> form? Can I buy them or make them myself?

> Thank you

> I really appreciate this help.

>

>

>