hipaa

Audit trails and implementing HIPAA best practices

Are there any best practices for audit trail implementation for HIPAA starting with database design? ...

Membership Providers and HIPAA Compliance

Does anyone know if the provided SQL and Active Directory Membership Providers in ASP.NET 2.0+ are HIPAA compliant? Clarification: I understand that HIPAA mandates patient information be secured and that certain policies be put in place to secure access to that information. Can Microsoft's SQL and AD Membership Providers be used for h...

EDI HIPAA X12 Developer tools.

What are some developer tools other than Altova Mapforce for mapping HIPAA X12 such as the 837, 835, 277? ...

Standards for Encrypting data in SOX/HIPAA in SQL Server 200x

I was wondering if there are any standards for encrypting sensitive data in Database which are compliant w/ SOX or HIPAA. Or is the Encrypt Function in SQLServer necessary? Or handle in Business logic. Any ideas or links we have. ...

Web site HIPAA compliance

Ok, I got the concept of HIPAA. Thanks to all those who participated. But does anybody have real experience on how to set up the website and programming? I am trying to implement this with .NET. Is an SSL Certificate enough to ensure the privacy of the information? This is the thing: I am going to have webforms that are going to submit this info to...

MS Stack web host with HIPAA expertise?

I'm a consultant, helping a provider of small medical practice management software move to the web. We're looking for a host that has experience with HIPAA-compliance, and supports the MS Web stack (IIS / .net / SQL Server). Can anyone here provide a recommendation of such a hosting company? Thanks, Andrew ...

Is there a HIPAA certification that would be helpful to programmers?

I work at a Medical Billing company whose software handles many facets of the centers practice, including patients, treatments, etc. To be frank, the only thing I know about HIPAA is security is paramount. I was wondering if there were any training courses with an earned certification proving knowledge/experience that I could use to i...

Can you create a HIPAA compliant Amazon S3 Web Application?

I am facing some questions when trying to design an S3 application using ASP.NET MVC and trying to stay HIPAA compliant. My initial plan was to require an SSL connection to my web server, encrypt the images on my server, then send them to s3 using my private keys. Here's my obvious concerns: You cannot store unencrypted images in any...

C# XML Deserializer fails to deserialize Child Node

I have an XSD and a class generated by XSD.EXE I'm using to deserialize an XML document. For some reason, a node fairly deep into the XML document is failing to deserialize, and I can't find why it would be doing so... Here's how I'm deserializing: XmlSchema schema = XmlSchema.Read(XmlReader.Create("X12_00401_271.xsd"), null); XmlSeri...

[How] Can I have one Party in BizTalk use two different GS02 segments for the same EDI Message type?

Calling all BizTalk / HIPAA EDI Gurus... I have a connection to an EDI clearinghouse to whom I send X12 270 documents using BizTalk 2009. The "Information Source" for these 270s can be either of two depending on a variety of factors. For one Information Source, the clearinghouse requires one value in my GS02, and for the other, they r...

Security HIPAA ePHI Encryption

I have some down time and I am thinking of picking a new project for fun. I am a college student and every year we have an online pitch competition. I want to create a project for this pitch competition that is approx 9 months from now. The problem is the project requires very high security and the competition is very competitive. Things...

Overloading a Native PHP Function to Encrypt Data for HIPAA Compliance

Background Information: I'm part of a team of developers that runs a web application that stores and retrieves HIPAA (medical) data. Recently, the HIPAA guidelines were updated to include a policy that requires that all identifying client information be encrypted when it is "at rest" (stored in the database and not being accessed). The...

Maintaining HIPAA Compliance Using Views in MySQL

The Problem We have a large web application that stores and displays sensitive HIPAA-related data. We're currently researching ways to improve HIPAA compliance and reduce the risk of having a violation. Currently, there are several features and reports that do not correctly restrict client information based on the permissions of the pe...

Examples of 2 factor authentication?

Hi all, I am doing a HIPAA application soon and it requires 2 factor authentication. Can anyone give me an example? I am thinking a secure login and then a form that requires the user to enter their birth date or something. Thanks, Darren ...