Questions tagged [hipaa]

Health Insurance Portability and Accountability Act, a subset of the ASC X12 EDI standard for the transfer of healthcare-related information.

HIPAA in this context refers to the data transmission standards mandated by the U.S. healthcare privacy act. It is based on the 004010 and 005010 versions of the X12 EDI standard, maintained by DISA.

The specific messages involve transferring inquiries, notifications, billing information and procedures between both healthcare providers (such as doctors, hospitals and other services) and billing agencies.

The Washington Publishing Company has the responsibility of publishing the actual standards documents.

97 questions
0 votes, 1 answer

De-Identifying PHI For HIPAA

I have a SQL DB which contains PHI, hosted on AWS. I want to access this data to perform analytics, however, I must de-identify the data first to comply with HIPAA. How should I approach this? I have thought of a few approaches: Simply de-identify…
user13514973
0 votes, 1 answer

When a G-Suite form is embedded on external website, does any form data get stored on the host site?

This question comes up because of very specific HIPAA requirements. A Covered Entity (CE), e.g. a doctor, can't use a cloud storage provider (CSP) unless they have a Business Associate Agreement (BAA) with the CSP, even if the data are encrypted and the…
0 votes, 0 answers

Should I use separate databases for HIPAA and PCI-DSS compliant data?

My question is mostly theoretical, but if I have an application (for example for a private clinic) which stores their patient's health information (HIPAA), accepts payments with cards and stores payment history (PCI-DSS), and stores other…
0 votes, 1 answer

Azure long-term audit log

We have a medical application that is required to store audit logs for 6 years (HIPAA requirement). Looking at the new Azure Monitor service, it seems it will retain information for a maximum of 730 days (see…
Jaime
0 votes, 0 answers

Patient ID (PHI) in Azure Storage Blob Object Key

My requirement is to use Patient ID (PHI) in Storage Blob object key. Example - "/storagename/Z360A1109/report.html" where "Z360A1109" is Patient ID. If I query this object WITHOUT VNet Service Endpoint for Blob Storage enabled, then it's a clear…
dilzfiesta
0 votes, 1 answer

How to create HIPAA compliant Android app development in AWS?

I created a healthcare Android app using Firebase, which is not HIPAA compliant. I want to switch my app to a HIPAA compliant platform. What I found by searching is that building a HIPAA compliant application using AWS is going to be complex. Any…
Nusrat
0 votes, 1 answer

Firestore compliance HIPAA

I have a Health Care Application that deals with PHI and I am storing data on FireCloud. As Health Care Application needs to be HIPAA Compliant, and to be HIPAA Compliant there are certain steps to follow which mostly include Encryption. Later I…
0 votes, 1 answer

How to securely connect to AWS DynamoDB or other AWS database securely from a serverless app

I am building an application on Firebase, and some of the data needs to be HIPAA compliant. My initial idea was to connect to AWS DynamoDB (HIPAA compliant) from Firebase Cloud Functions, but then I realized that the data would be passing through…
TheRyan722
0 votes, 1 answer

When can we allow a CTX segment to be part of 999 Acknowledgement

I need to understand when we can allow a CTX segment to be part of 005010X231-999 Acknowledgement. What I see is an error occurred for a required data element. In this case can the CTX be shown to represent the error? Or will we show the CTX segment…
vegeta
0 votes, 0 answers

Does HIPAA require logging ALL queries to the database (including calls from JDBC)?

We use Postgres. After setting log_statement=all, it'll only log queries from psql, not from the application accessing it via JDBC. I find this a bit counter-intuitive. Isn't ~95% of data access in an application done via JDBC (or something similar…
Akshay Elavia
0 votes, 6 answers

Examples of 2 factor authentication?

I am doing a HIPAA application soon and it requires 2 factor authentication. Can anyone give me an example? I am thinking a secure login and then a form that requires the user to enter their birth date or something. Thanks, Darren
Darren
0 votes, 0 answers

How to generate X12 file by hand

I work for a small healthcare company. We use a simple browser-based GUI to create our healthcare claims. Recently our number of claims has grown. To make things easier, we'd like to be able to batch bill our claims now. We only do 1 type of…
user1863490
0 votes, 1 answer

How can I have one Party in BizTalk use two different GS02 segments for the same EDI Message type?

I have a connection to an EDI clearinghouse to whom I send X12 270 documents using BizTalk 2009. The "Information Source" for these 270s can be either of two depending on a variety of factors. For one Information Source, the clearinghouse requires…
AllenG
0 votes, 1 answer

C# XML Deserializer fails to deserialize Child Node

I have an XSD and a class generated by XSD.EXE I'm using to deserialize an XML document. For some reason, a node fairly deep into the XML document is failing to deserialize, and I can't find why it would be doing so... Here's how I'm…
AllenG
0 votes, 1 answer

How to persist ipython notebook without persisting output?

I have an ipython notebook that I invoke through Django's shell_plus --notebook command. I would like to save the notebook, meaning the code cells, without saving the output that follows each code cell. I use this notebook to do analytics and…
David Watson