--- In dstar_digital@yahoogroups.com, "Frank P." <n2...@...> wrote:
> > A group of ARES volunteers at a local shelter are in direct > communication with the Red Cross HQ, or a hospital, or the local > OEM. The shelter has several sick or injured individuals who need > assistance or transportation to a hospital. The shelter emcom hams > prepare a database (Excel spreadsheet, text message, etc.) containing > the names, addresses, SSN's, Health Insurance info, and other data > covered by the federal Privacy Act. How do they send this info > without violating the Privacy Act? I worked for a major healthcare company (Doctors, Hospitals, and Insurance) for 5 years. We dealt with HIPPA (not Federal Privacy Act) every day. Some information is protected, but there are also exceptions and there is certainly needed information verses information that can be collected later. I see no reason to send SSAN, Health Insurance Information, Address (they are at a shelter in this example, send the shelter's address). What emergency/medical personnel need can be provided without revealing personally identifiable information. If you have listened to EMT or Ambulance traffic, they provide information in the clear. Similar to this: We have three casualties for pickup at Shelter 1 1 - Male, Age 70, history of heart attack, bp 120/90, pulse 90, glucose 215, difficulty breathing, currently on respirator. 2 - Female, Age 22, history of epilepsy, pregnant in early stages of labor, simple fracture of left tibia, bp 110/80, pulse 120, glucose 100. 3 - Female, Age 10, no medical history, unconscious, apparent head trama with no bleeding, bp 90/60, pulse 130. The hospital and emergency personnel have what they need to act upon, without any violation of personal privacy. The other elements can be collected at the hospital in a HIPPA compliant and controlled environment. You take care of immediate life and health, the paperwork can follow. I see the need for some encryption, but this scenario is not one that needs it.