Pat Hartman has left the building (1 Viewer)

[BlueSpruce]

would like to meet the moron that passed that law, and explain to him how it has done nothing but cause trouble.

I think that was Clinton's baby. I do contract work for a network of 19 hospitals and it gets in the way. They've been breached and class action sued several times despite all the security and HIPAA compliance. They hired 3rd party companies to do patient surveys and those companies in turn share data with others. How can an org expect to maintain PHI secure when they're providing it to outside orgs? I am almost done working with them and not renewing my contract.

 

[Isaac]

Yeah, working with vendors is often a weak spot in the chain of custody when it comes to confidential information. Their systems have to be certified and this and that until you're dizzy with the sheer volume of things to keep up with.

Once I worked for a company that had a vendor to accept Medicare applications and I wrote some SSIS packages to ingest the flat files they would produce via SFTP. It was where I got experience using PSFTP.EXE and PUTTY.EXE, both extremely useful FTP tools!
When it comes to the spectrum of security, the company I worked for was kind of in the middle, lax enough to allow me to use third party tools like psftp.exe. As long as it worked and appeared secure they were happy, and I got a lot of great experience that way. Good memories.

Of course as long as I also programmed the thing to check out reconciliation reports to make sure all the inputs and outputs matched, we were fine. Medicare application processing is a big deal because a legal Timer starts when they submit the app, and all kinds of things have to be done by such-and-such time along the way, kinda like a construction timer. So when my program err'ed, it was a BIG deal and got me a private sit down with high up people!

 

[The_Doc_Man]

I had some HIPAA stuff on my Navy mainframe but fortunately, I didn't have to process it beyond just assuring that the system had room for the file to come in and the DB team knew as soon as possible that it was available for their consumption. I still had to take yearly HIPAA training, but it was available online and we were considered as doing legit work under the contract, so got paid for our time. Which was usually less than an hour once per year. I could read the file because at that time we were not encrypting the data. I don't know what they do now because about a year after I retired, the mainframe was decommissioned and everything went to web-based interfaces on a UNIX-flavored box plus ORACLE on another UNIX box. The interface app that ran on my mainframe yielded to the web. But it lasted for 30 years with very good uptime availability and it kept up with the work to be done, so the software costs weren't totally wasted. (Unlike DIMHRS.)

 

[Isaac]

I had some HIPAA stuff on my Navy mainframe but fortunately, I didn't have to process it beyond just assuring that the system had room for the file to come in and the DB team knew as soon as possible that it was available for their consumption. I still had to take yearly HIPAA training, but it was available online and we were considered as doing legit work under the contract, so got paid for our time. Which was usually less than an hour once per year. I could read the file because at that time we were not encrypting the data. I don't know what they do now because about a year after I retired, the mainframe was decommissioned and everything went to web-based interfaces on a UNIX-flavored box plus ORACLE on another UNIX box. The interface app that ran on my mainframe yielded to the web. But it lasted for 30 years with very good uptime availability and it kept up with the work to be done, so the software costs weren't totally wasted. (Unlike DIMHRS.)

What's DIMHRS

 

[The_Doc_Man]

Defense Integrated Military Human Resource System - and one of the worst software mistakes I've ever had the displeasure to know about. You can look up that acronym in Wikipedia. You should also be able to do a search for DIMHRS on this forum with me as the author. The details are so nauseating that I'll pass on repeating the sad story again. Let's just say that if Congress had seen fit to let well enough alone, it would have been enough money to fund SNAP for a few extra weeks.

 

[Cotswold]

It does appear that after just a fortnight Pat has been forgotten and everyone has moved on!