Monday, March 7, 2005

'Good guys' show just how easy it is to steal ID

  • Categories: HIPAA, Technology
  • Printer Friendly|#| Trackback

'Good guys' show just how easy it is to steal ID:

" Teams of hackers surfed the Web at Seattle University yesterday, harvesting Social Security and credit card numbers like a farmer cutting wheat. In less than an hour, they found millions of names, birth dates and numbers -- cyberburglar tools for the crime of identity theft -- using just one, familiar Internet search engine: Google. "

The problem is not Google. The problem is the sites that allowed these documents to be indexed. I wonder how successful we would be finding protected health information?

[Via HIPAA Blog]



Saturday, November 20, 2004

Mythbusting HIPAA

  • Categories: HIPAA
  • Printer Friendly|#| Trackback

A question came up this week about whether or not we could administer eye drops in the waiting room to patients having cataract surgery. This led me to Google, which led me to 'HIPAA Myth Buster'. In reading through this and related sites, I discovered that many things that we do in the name of 'HIPAA compliance' just are not necessary.

Here is but one example:

""HIPAA doesn't allow my staff to call patient names in the waiting room, so now we have to call patients by number.

"Actually, HIPAA does permit the staff to call out patient names in waiting rooms. The regulations provide that when a physician makes the good faith effort described above, he or she is permitted to disclose information "incident to a use or disclosure otherwise permitted" by the regulations.

"The government says that means that a physician or staff member can call out names in the waiting room, hang charts outside doors, or use a whiteboard to list patients in the building or office. However, one should refrain from unnecessary disclosures. For instance, calling out names in the waiting room is fine, but calling out names and diagnoses would be problematic.""

I still don't know whether we can administer eye drops (would it be an 'incidental disclosure'?) but I do know, as I long suspected, that some of what we do is stupid and driven by the vendors that want to sell us their 'solutions.'



April, 2008
Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30  
Mar  May

Feeds and Categories

Blog Roll

Google Modules
   Body Mass Index
   Allowable Blood Loss

Anesthesiology
   The Ether Way
   Westmead Anaesthesia Blog
   Anesthesioboist
   Book of Joe
   Anesthesiamania
   i'm so sleepy
   GASMAN

Medicine
   Aggravated DocSurg
   Retired Doc
   Finger and Tubes
   Running A Hospital
   Medviews
   Doctor
   Chance To Cut
   Medlogs
   Medpundit
   RangelMD
   DB's Medical Rants
   EchoJournal
   Palmdoc Chronicles
   Blogborygmi
   The Well-Timed Period
   WebMD

Journals
   NEJM
   JAMA
   A&A
   Anesthesiology

Geeks Like Me
   Seth Dillingham
   Jonathan Greene