Hi Tami,
It has been a while since I worked in the Health care industry but HIPAA
was a key item. The short part of it was that only the
practitioner/company and the patient should be able to see the
information. I know there is a lot more to it than that, but this will
do for a start.
Anyway, for applications including green screen, Web, FileMaker,
Oracle, etc., a number of items had to be taken into account.
1. Security of the data.
   1. General security of the server
   2. Access to specific screens/layouts restricted by userid
   3. Access to specific clients restricted by userid (in a
      multi-client environment)
   4. Printing to secured printers. (Printouts only available
      to staff, not visible to public)
   5. Faxing (Faxes only available to staff, not visible to public)
2. Access to system from outside of the office
   1. All connections from the outside are encrypted, i.e. VPN
3. E-mail
   1. E-mail sent between managed care (Insurance Co.) and
      Practitioner must be encrypted. This becomes important if
      the application is to e-mail information.
   2. E-mail sent between practitioner or Insurance Co. and client
      should be encrypted. This was usually harder to implement.
In my opinion, if the application is designed correctly it should be
HIPAA compliant. Key to this is meeting the userid and password
requirements. If the ID can be tied into the company's Active Directory
or an equivalent security and access restrictions can be implemented
through Lasso, then you should be in good shape.
FileMaker Knowledgebase has a PDF that describes many of the
requirements and may be helpful. Here is the link:
http://filemaker.custhelp.com/cgi-bin/filemaker.cfg/php/enduser/std_adp.php?p_faqid=6155
Hope this is helpful. I'm afraid I barely scratched the surface. That
stated, if you read up on the requirements first it should be a
manageable project.
Bruce Herbach
Tami Williams wrote:
I have a client worried about FileMaker 9 and security and HIPAA
compliance.
What do you tell your clients to reassure them? Are there any special
things that you do? That I should be aware of?
Also, their IT guy is nervous about FileMaker's security (as an
application). The solution we're talking about building is a web app
with FileMaker as the backend and Lasso as the front-end.
Do you have any recommendations/suggestions for me?
I know it's a lot to ask - thanks in advance.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"It's better to burn out than to fade away."
Tami Williams
Creative Computing
Improve, manage and unify data with custom database and web applications.
FileMaker and Lasso specialist.
Tel: 770.457.3221
Fax: 770.454.7419
Web: http://www.asktami.com
FileMaker Solutions Alliance Associate | Lasso Professional Alliance
Member