A Federal Lawsuit was not thrown out this week by a judge in San Jose, California that alleges Google violates Federal wiretapping laws in its processing of Google Mail (Gmail). The lawsuit alleges both Gmail users and non-users who sent mail to Gmail users did not consent to the processing procedures Google uses for advertising and profiling purposes. Google processes email for all of its Gmail users which requires some level of review and scanning in order to provide the service, but the issue is whether Gmail goes further than basic scanning for processing purposes and if so whether the users and non-users consented to the techniques. When an email is sent from one user to another there is information in the email such as the To field which must be scanned and processed in order the email to reach the correct destination. This level of scanning is standard on… Read more!
Dropbox was conceived and created by Drew Houston while he was a student at MIT as a better way to store and access documents. For students the need to keep up with and share documents is imperative in today's academic environment. Students are able to collaborate and avoid the traditional issues with papers and research such as versioning. However, as students are graduating and moving into the work force they are taking the skills they learned in school with them. One of these skills is how to implement Dropbox and while the implementation and use is simple the more difficult question is whether a particular industry should be using Dropbox. Professional practices including accountants, lawyers and doctors have third party regulatory issues they must comply with when implementing a practice management system to safeguard client information. For doctors the standards are set by HIPAA, for accountants the AICPA and for… Read more!
The HIPAA Omnibus Final Rule goes into effect less than a week from today and brings new considerations for doctors pertaining to electronic data. The Rule includes three distinct sections that apply to electronic data and what may be required of a practice. The first area deals with a patient's rights to request electronic copies of their records in an acceptable format the other two deal with the encryption of data. From a practice management standpoint these new rules must be understood and applied to any information technology (IT) plan. The first rule dealing with electronic information is the patient has the right to ask for copies of their electronic medical records in electronic form. There are two issues here that are most important. First, the patient may request the data and the practice must produce it in a format that is usable. If your practice management software stores the… Read more!
The HIPAA Omnibus Rules go into effect September 23, 2013 and will bring a sweeping change to the health care industry. These rules have been described by the head of the Office of Civil Rights as "the most sweeping changes to the HIPAA Privacy and Security Rules since they were first implemented." (AMA The HIPAA Omnibus Final Rule Summary). The majority of the changes deal with the protection of electronic protected health information (e-PHI) and the need for a medical practice to safeguard against and report breaches of such data. The key to determining whether data may be classified as PHI is to ask whether a third party who comes into possession of the data could learn about a specific person's health information. Credit card processing is one of the major forms of payment received by medical practices, and is continuing to grow as the economy becomes more and more… Read more!