Medical Information Exchange - Security concerns

system · March 11, 2015, 3:45pm

gsans wrote on Wednesday, March 11, 2015:

Hi there,
I am a PHP Developer that is planning to deploy a OpenEMR system. I have no previous experience with Health systems.
In order to migrate the medical records from the legacy system to openEMR I need access to the legacy system data.
What are the legal and practical steps to protect the medical records exchange? Can I use Email, Cloud storage, USB? Do I have to sign any document?
If you can’t give an straight answer can you tell me where I can find such information?
Many thanks!
Gerard.

system · March 11, 2015, 3:59pm

cmswest wrote on Wednesday, March 11, 2015:

here’s a decent site that makes the subject tolerable.

after you have a signed business associate agreement, keep the data encrypted in whatever manner it’s stored or transmitted.

system · March 11, 2015, 4:20pm

sunsetsystems wrote on Wednesday, March 11, 2015:

I deleted your duplicate post in the Help forum. No need to cross-post, most of us subscribe to all 3 forums.

HIPAA compliance as a Business Associate is a huge potential risk for anyone doing production support. Stephen’s link above is a good starting point.

Rod
http://www.sunsetsystems.com/