Thanks to Priscilla, I think the below may be what I was looking for...more reading before I make a final determination.
http://aspe.hhs.gov/admnsimp/nprm/seclist.htm Thanks! ""Priscilla Oppenheimer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Charles Riley wrote: > > > > Sorry for the OT post, but have searched high and low, and no > > No problem. I don't think it's really OT. HIPAA is going to have a big > affect on many data networks. > > I'm surprised that you say there isn't information available on how to > become HIPAA compliant. There's a lot, isn't there? If companies are saying > that they are HIPAA certified, that's a bit of a misnomor. I don't think > there's any certification, but there is compliance info available. > > Did you check these links: > > http://www.hipaadvisory.com/ > > http://aspe.hhs.gov/admnsimp/ > > http://www.cms.hhs.gov/hipaa/ > > http://www.hipaa.org/ > > I wonder if you could hire a consultant to help you wade through all the > regulations and confusing info from the goverment. Hopefuly some consultants > will specialize in this. > > Priscilla > > > definite > > answer in site. Really, really apoliogize for the nontechnical > > nature of > > this post, but I have reached a wall after searching all over > > for an answer. > > I guess you could say that I am "ill" with searching... > > > > HIPAA is an medical information protection and privacy act > > passed by > > Congress in 1996. The deadline for complying or gettting an > > extension is > > this year. You'll probably see more and more requests like > > mine as the year > > goes by, so I figured I'd start things off. > > > > HIPAA is currently in a state of flux as far as implementation > > and > > enforcement is concerned, as many medical professional and > > organizations > > rush to comply. Which brings me to my question... > > > > In my searches, I see several organizations trumpeting the fact > > their data > > centers are "HIPAA certified", meaning that they are cleared to > > process, > > store, or otherwise handle medical and private info. How is > > it possible to > > achive this certification when there does not seem to be any > > standards or > > processes from the U.S. government detailing what will earn the > > certification? > > > > Does having a couple of tape drives on a server behind a > > firewall with > > restricted access qualify a data center to be "HIPAA > > Compliant"? Is there a > > checklist, policy, standard, or procedure for certification > > required by the > > U.S. government that I missed in my searches? If so, I would > > appreciate > > gettting the links to such information. > > > > TIA, > > > > Charles Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61396&t=61396 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]