Jump to content
Sign in to follow this  
swf

hipaa compliant

Recommended Posts

Working on a medical record solution.

I will need to make it hipaa compliant.

My understanding is it needs

1)automatic logout (can be done by fm server)

2)user id and password for each person (again can be done by server)

3) audit tracking (has to record the current user when making an entry. What about modifying an entry?)

4)electronic signature - anyone have ideas on this one. how about cosignature. Nurse enters and doctor signs later?

5)anyone dealt with importing lab values into filemaker from a standard lab database?

Looking forward to suggestions and discussion

Share this post


Link to post
Share on other sites

1) Correct, you can set idle time in FMS7

2) Also Correct. Additionally, you can use a domain controller and domain account to control access.

3) Check out the following: http://www.excelisys.com/services/fmp7/tips_tricks.htm

Andrew Persons has an excellent solution for audit logs

4) I use a signature field(s) and a script to do electronic signatures. The eSig is set in the sig field using a concatenation of the username and a datetime stamp. I've built and signature process that run 5 sigs deep in a workflow process.

5) I don't have specific experience with standard lab database, but if its SQL and ODBC compliant, you can write scripts to pull directly from the database. Otherwise, check to see if it will output a .csv file? You can import that directly into Filemaker.

One other note on HIPAA compliance, if you are tracking any personal data on patients(names, ssn, address, etc), you will need to encryt, isolate, and or access control that data with you solution.

Hope all this helps

Share this post


Link to post
Share on other sites

I use Digitalpersona’s fingerprint hardware and software in conjunction with two simple FM validation scripts to comply with fed regulations and requirements:(Message integrity, Non-repudiation, User authentication. Other implementation features are optional.)

http://aspe.hhs.gov/admnsimp/nprm/sec10.htm

I use this technique to electronically sing billable encounters 100% paper less

I hope this helps :waytogo:

Share this post


Link to post
Share on other sites

For cosigns, we have user designate where the record needs to go next, and then eletronically sign. Then create a layout that will find all the records sent to a particular user.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Similar Content

    • By cbum
      Our institution is now requiring PHI-containing databases to log not just modifications to records, but to log every access/viewing of any record. They want to be able to respond to the question "Who has looked at my medical record, even with no change to the record?".
      I am not aware how to achieve this with FM, do any of the add-on programs have such features?
      I am facing the forced elimination of a critical database, built over 15 yrs, if this cannot be achieved.
       
      Thanks for any suggestions.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.