Cory: I am an attorney and I've asked our attorney general for an opinion
as to whether Privacy Officers under HIPAA have personal liability. We've
not yet received an opinion.
I agree with Tim's comments: "Cory, I suggest that you consult with an
attorney."
Moya T. D. Gray, Director
Office of Information Practices
State of Hawaii
No. 1 Capitol Center
250 South Hotel Street, Suite 107
Honolulu, Hawaii 96813
Tel: 808-586-1400
Fax: 808-586-1412
Web: www.state.hi.us/oip
<timmcguinness@
yahoo.com> To: <[EMAIL PROTECTED]>,
<:[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]>
09/10/02 09:55 cc:
AM Subject: RE: "Compliance"
Please respond
to
timmcguinness
Cory, I am not an attorney. Having said that. Are you Aware, that you
just
publicly stated that you have fore knowledge to multiple violations of
Federal Law?
I would encourage all to remember that this is not a local IT user group
bashing Microsoft. That we are dealing with Federal Law!! Any attorneys
out there wish to add their two cents in?
Unintentional disclosures have potential consequences. (anybody read the
Privacy Rule?)
Cory, I suggest that you consult with an attorney.
Tim McGuinness, Ph.D.
President,
HIPAA Help Now Inc.
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
www.hipaahelpnow.com <http://www.hipaahelpnow.com/>
Executive Co-Chairman for Privacy,
HIPAA Conformance Certification Organization? (HCCO?)
www.hipaacertification.org <http://www.hipaacertification.org>
__________________________________________________________________
Tim McGuinness, Ph.D. - Instant Access
Phone: 727-787-3901 Cell: 305-753-4149 Fax: 240-525-1149
Instant Messengers: ICQ# 22396626 - MSN IM: [EMAIL PROTECTED] -
Yahoo IM timmcguinness - AOL IM: mcguinnesstim
__________________________________________________________________
===========================================================================
IMPORTANT NOTICE: This communication, including any attachment, contains
information that may be confidential or privileged, and is intended solely
for the entity or individual to whom it is addressed. If you are not the
intended recipient, please notify the sender at once, and you should delete
this message and are hereby notified that any disclosure, copying, or
distribution of this message is strictly prohibited. Nothing in this email,
including any attachment, is intended to be a legally binding signature.
-----Original Message-----
From: Dekker, Cory [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 10, 2002 1:37 PM
To: '[EMAIL PROTECTED]'
Subject: "Compliance"
I'd like to move this to a new thread (since I think the old one is REALLY
dead).
Christopher makes an assertion that I'd like to see if we can actually get
a
meaningful discussion going around.
I have been involved in interviews with my organization's trading partners,
and I've been the one working most directly on defining our companion
document specifications. In my research thus far, I have found
Christopher's assertion, that no one will intentionally violate the law, to
be untrue. At least for now, "some" CH's and payers ARE planning to
intentionally violate some small/minor/finer points of the HIPAA IG's, as
best fits their business needs.
I will be honest enough to say that my own organization is currently
"considering" this [insert massive disclaimer about my inability to speak
for GWL in any capacity].
Clearly, it is highly unlikely that anyone is going to come out on this
ListServ and say "we plan to break the law", and I would NEVER expect
anyone
associated with WEDI to encourage such. However, without naming any names,
I KNOW that more than one of my TP's fully plans to, and I'm not just
talking about the bare minimum stuff just to make it work.
Depending on how you split hairs, true "compliance" is impossible. For
example, the 2 837[PDI]/2010[AB]A/REF segments are IMPOSSIBLE to comply
with, given the current wording of the IG's and the legal "LU" value in
both
REF's. This is NOT fixed in the Addenda, so true compliance will STILL
(technically) be IMPOSSIBLE even after they are finalized. You have to
disallow "LU" as valid in the 2nd REF; but wait... that would mean
intentionally violating the IG, both current, and Addenda.
Maybe I'm in Wonderland thinking that we might actually have an honest
discussion about this, but given that it significantly impacts our
potential
recommendations to the industry on Testing, Routing, and general
"Compliance" efforts, is it at least worth asking about?
-Cory
-----Original Message-----
From: Christopher J. Feahr, OD [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 09, 2002 7:54 PM
To: [EMAIL PROTECTED]
Subject: RE: Certifications
" ... it's more that I doubt any CH or payor would have the nerve to
intentionally violate a federal law like that... and no responsible
organization like WEDI is going to recommend it. I suspect that payors and
CHs are planning to start out a year from now, programmed to reject ALL
non-conforming claims, based on their own validator logic. That's really
the aspect of healthcare-EDI that transforms what might be a minor flaw we
could choose to live with in some industries, into a big deal...
potentially triggering massive rejection of what would otherwise be
"payable" claims.
"What I'm worried about, however, is the receiving system (built on
translator/validator A) rejecting lots of messages from a system built
around T/V Vendor B's engine... despite the fact that Engine B's validator
is saying they are all fine."
**********************************************************************
To be removed from this list, send a message to: [EMAIL PROTECTED]
Please note that it may take up to 72 hours to process your request.
======================================================
The WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the
individual
participants, and do not necessarily represent the views of the WEDI Board
of
Directors nor WEDI SNIP. If you wish to receive an official opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/.
Posting of advertisements or other commercial use of this listserv is
specifically prohibited.
(See attached file: Tim McGuinness Ph. D..vcf)
The WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the individual
participants, and do not necessarily represent the views of the WEDI Board of
Directors nor WEDI SNIP. If you wish to receive an official opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/.
Posting of advertisements or other commercial use of this listserv is
specifically prohibited.
=?iso-8859-1?Q?Tim_McGuinness_Ph._D..vcf?=
Description: Binary data
