Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HIPPA Compliance/Certification?


  • Please log in to reply
4 replies to this topic

#1 josephtillman11

josephtillman11

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 19 December 2014 - 03:42 PM

Hopefully this is the right forum to post in..

I do IT work and am expanding into medical practices. I understand they must be HIPPA compliant and i was wondering if I need to be certified/take a test or anything to be able to even do IT work for a medical practice (third party IT). Some have said i need to have some certification to see the confidential patient information and I was wondering if any of you could maybe be more specific and show me what requirements they must meet or what certification I need to get to legally be able to work on their stuff, being I will be exposed to private patient information. 

 

Thanks



BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:19 PM

Posted 19 December 2014 - 04:03 PM

No, there is no certification required.  However, you do need to be fully aware of the HIPAA laws and the security systems on the computer and any transference of data must be HIPAA compliant.

 

For more information, you can read these:

 

http://www.hhs.gov/ocr/privacy/hipaa/faq/securityrule/2003.html

 

http://www.hhs.gov/ocr/privacy/hipaa/understanding/

 

http://smallbusiness.chron.com/hipaa-certification-2810.html

 

Orange Blossom :cherry:


Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,747 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:19 PM

Posted 19 December 2014 - 04:08 PM

If you work in IT, your company should have HIPPA related information in their policies and procedures manual. Those manuals are typically produced by the Human Resources Dept and distributed to all other departments within the agency. The head of the IT Dept may have further guidelines and procedures so it is always a good idea to check with that person as well.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 czarboom

czarboom

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:12:19 PM

Posted 25 December 2014 - 11:39 PM

You need to be HIPPA Compliant, which means your company’s HIPPA Coordinator Must give employees a certain amount of training per year on HIPPA if your position allows you to view patient’s private data. 

 

ON TOP OF THAT, your state can add to but no Take away from, the current standard. 

 

For you as an IT guy, are you doing HL7 or DICOM sided work?  DICOM is for Medical Imaging, HL7 is for billing and patient demographics.  Each has about 15 different plus certs you can get and use. 

Here are SOME of the many different Organizations that make up the Standards, and training for the whole of medical IT.

 

  • Certified Imaging Informatics Professional (CIIP),
  • Society for Imaging Informatics in Medicine (SIIM),
  • American Registry of Radiologic Technologists (ARRT),
  • Healthcare Information and Management Systems Society (HIMSS),
  • PACS Administrators Registry and Certification Association (PARCA),
  • American College of Radiology (ARC),
  • Health Insurance Portability and Accountability Act (HIPAA),
  • Health Information Technology for Economic and Clinical Health (HITECH)

You can find all these with a google search,

Also go to these sites for the current Standards and Updates to both HL7 and DICOM

Also check the Joint Commission for Healthcare, which is like UL.  That is what all Healthcare is really scared of not HIPPA but the JC.  They can pull all your Federal Funding in a day, and do it all the time.

 

I got a whole paper if you want to read up on Healthcare IT.  Back in college, last job was as a BioMed and Healthcare PACS admin / Help guy.

 

Good luck

czarboom


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#5 czarboom

czarboom

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:12:19 PM

Posted 25 December 2014 - 11:55 PM

 

 

Some have said i need to have some certification to see the confidential patient information

 

Remember the Federal Government Could Care Less, but your STATE could care.  Each is different and IF you are working in Mammography or womens health a standard called MQSA (Mammography Quality Standards Act) IS a Federal LAW.  So it requires all kinds of fun stuff that nothing else requires, like what HAS to be in the DICOM header, or Where images can be saved and for how long etc. 

http://www.fda.gov/Radiation-EmittingProducts/MammographyQualityStandardsActandProgram/default.htm

and

THE NEW thing is a advisory pannel for EHR or electronic Healthcare Records, currently there are NO laws just recommendations.  But, that will change very shortly.  Right now healthcare facalities that are not MQSA controlled can do whatever they want as long as HIPPA is covered.  And HIPPA says very little about IT Security.  

http://www.healthit.gov/policy-researchers-implementers/health-it-legislation-and-regulations

 

I spend 5 years in Healthcare IT, and as of 2012, I still have Computers that ran on Windows ME at some sites.   In general healthcare IT runs about 3 to 4 years behind the current.  So its a eye opener when you get into it.

 

Hope it helps,

czarboom


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users