HIPAA Security

LindaS

I'm hoping someone can help me with mu confusion -

I'm working on HIPAA and one of the area of concern pertains to the security mechanisms that have to be put into place. I'm speaking specifically about email. My understanding is that this type of mechanism needs to be in place to comply with the regulations but I was just informed by our TPA that this is not something they are going to be addressing for 2-5 years because the final rule has not passed. Is this correct? Am I concerning myself with something that we have 5 years to comply with?

POPEYE

LindaS, I'm not sure that anyone knows what's going with Hipaa requirements. I talk to my medical carrier and get one story and then talk to my dental carrier and get another. My counter-part at a "sister" company says she got told something exactly the opposite that I did and we have the same medical carrier. I have attended 2 seminars and have been more confused when I left than before. We are taking the stand that we will not receive any PHI or IHI
and that any inquiries concerning coverage need to be direct to the provider.

Nat

[font size="1" color="#FF0000"]LAST EDITED ON 04-02-03 AT 03:43PM (CST)[/font][p]If you go to [url]www.hipaacomply.com[/url] it gives you all of the deadline dates. It indicates that Security Compliance date is 2005 for all covered entities except small plans. You might want to check out the site yourself to be sure where you fit.