Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 Sangeetha, just a tiny problem with zsentry.com’s claims. There is no authorized HIPAA security certification that I know of. No doubt they sell something more secure than regular email but claiming it’s certified is funny. Well, that’s what an overpaid health IT consultant told me a few weeks ago. Tell me I’m wrong. Really, I want to be certified too. From: [mailto: ] On Behalf Of Sangeetha MurthySent: Thursday, February 23, 2012 11:02 AMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 Tell us more...Sangeetha Sangeetha, just a tiny problem with zsentry.com’s claims. There is no authorized HIPAA security certification that I know of. No doubt they sell something more secure than regular email but claiming it’s certified is funny. Well, that’s what an overpaid health IT consultant told me a few weeks ago. Tell me I’m wrong. Really, I want to be certified too. From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:02 AMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 ,There's a lot of jargonish documentation on their FAQs page with some numbers etc. I wont pretend to understand it. Maybe you could help interpret it? Sangeetha Sangeetha, just a tiny problem with zsentry.com’s claims. There is no authorized HIPAA security certification that I know of. No doubt they sell something more secure than regular email but claiming it’s certified is funny. Well, that’s what an overpaid health IT consultant told me a few weeks ago. Tell me I’m wrong. Really, I want to be certified too. From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:02 AMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 Thanks Sangeeta: Keep them coming. You are my techi wiz! Izquierdo-Porrera MD PhDExecutive Director & Co-founderCare for Your Health, IncPhone " Don't ever let injustice go by unchallenged. " From: [mailto: ] On Behalf Of Sangeetha MurthySent: Thursday, February 23, 2012 12:02 PMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 Sangeetha ,Jargon abounds. HIPAA data certification does not exist. Never has and probably never will. That’s what my overpaid expert told me.As for their jargon, really can’t say – I’m not an expert.With that, I’ll share a thought I posted a few days ago to another group. In my opinion, there remains a simple solution to the question of using telephones, email, fax, etc. Just tell all patients you use the same technology they use at home and that you can provide little assurance of security beyond locking your doors at night. The HIPAA requirement for full disclosure is then settled. Anyone wishing a higher level of security should make an appointment to discuss their needs. Be sure to mention that cheap devices for listening through walls are also available and for all you know your entire office has been bugged. The reality is that a determined person can fool your staff into giving away information in ways that evolve daily and often are way ahead of the virus/malware software defenses we wish would make life easier. Notice that no major business or government organization has been able to remain secure despite their enormous security budgets. RSA has been hacked! Same for IBM, State Department, all branches of military, Microsoft, Apple, etc. Do we really expect to do better or do our patients expect this. Why should we set ourselves up for failure by suggesting we can be as secure? Really, our patients use non secure telephone, fax and email everyday to disclose every aspect of their life. Our patients live in a FaceBook world. I don’t see a patient rebellion over a simple policy – “we use a firewall, virus protection and cross our fingers for good luck - the same thing you do.’ Aside from a few celebrities that made national news, the number of cases where a person was harmed by a hacker accessing their information is minuscule. They make great stories for consultants selling security services and insurance companies selling their lucrative solutions but what relevance do they have to hundreds of millions of ordinary people trying to obtain affordable health care? Given there are no specific HIPAA data requirements, why should we add them to our burden? Tell me what I’m missing. Neighbors, MDHuntsville, Alabama Solo using FlexMedical EMR/Billing since 2/2009Attested MU in 2011 From: [mailto: ] On Behalf Of Sangeetha MurthySent: Thursday, February 23, 2012 11:56 AMTo: Subject: Re: new finds , There's a lot of jargonish documentation on their FAQs page with some numbers etc. I wont pretend to understand it. Maybe you could help interpret it?Sangeetha Sangeetha, just a tiny problem with zsentry.com’s claims. There is no authorized HIPAA security certification that I know of. No doubt they sell something more secure than regular email but claiming it’s certified is funny. Well, that’s what an overpaid health IT consultant told me a few weeks ago. Tell me I’m wrong. Really, I want to be certified too. From: [mailto: ] On Behalf Of Sangeetha MurthySent: Thursday, February 23, 2012 11:02 AMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 So your objections are really in general to any product that is not housed in your office- not to any product in particular?Sangeetha Sangeetha ,Jargon abounds. HIPAA data certification does not exist. Never has and probably never will. That’s what my overpaid expert told me.As for their jargon, really can’t say – I’m not an expert. With that, I’ll share a thought I posted a few days ago to another group. In my opinion, there remains a simple solution to the question of using telephones, email, fax, etc. Just tell all patients you use the same technology they use at home and that you can provide little assurance of security beyond locking your doors at night. The HIPAA requirement for full disclosure is then settled. Anyone wishing a higher level of security should make an appointment to discuss their needs. Be sure to mention that cheap devices for listening through walls are also available and for all you know your entire office has been bugged. The reality is that a determined person can fool your staff into giving away information in ways that evolve daily and often are way ahead of the virus/malware software defenses we wish would make life easier. Notice that no major business or government organization has been able to remain secure despite their enormous security budgets. RSA has been hacked! Same for IBM, State Department, all branches of military, Microsoft, Apple, etc. Do we really expect to do better or do our patients expect this. Why should we set ourselves up for failure by suggesting we can be as secure? Really, our patients use non secure telephone, fax and email everyday to disclose every aspect of their life. Our patients live in a FaceBook world. I don’t see a patient rebellion over a simple policy – “we use a firewall, virus protection and cross our fingers for good luck - the same thing you do.’ Aside from a few celebrities that made national news, the number of cases where a person was harmed by a hacker accessing their information is minuscule. They make great stories for consultants selling security services and insurance companies selling their lucrative solutions but what relevance do they have to hundreds of millions of ordinary people trying to obtain affordable health care? Given there are no specific HIPAA data requirements, why should we add them to our burden? Tell me what I’m missing. Neighbors, MDHuntsville, Alabama Solo using FlexMedical EMR/Billing since 2/2009Attested MU in 2011 From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:56 AMTo: Subject: Re: new finds , There's a lot of jargonish documentation on their FAQs page with some numbers etc. I wont pretend to understand it. Maybe you could help interpret it? Sangeetha Sangeetha, just a tiny problem with zsentry.com’s claims. There is no authorized HIPAA security certification that I know of. No doubt they sell something more secure than regular email but claiming it’s certified is funny. Well, that’s what an overpaid health IT consultant told me a few weeks ago. Tell me I’m wrong. Really, I want to be certified too. From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:02 AMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 I know plenty of people (including myself) who have had their identities stolen. No bodily harm, and not really any financial loss because the banks/credit cards pick that up. But loss of productivity having to deal with closing accounts, getting new cards, etc is a real pain. Aside from a few celebrities that made national news, the number of cases where a person was harmed by a hacker accessing their information is minuscule. They make great stories for consultants selling security services and insurance companies selling their lucrative solutions but what relevance do they have to hundreds of millions of ordinary people trying to obtain affordable health care? Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 The world of security evolves daily.Tomorrow you will likely discover your best laid plans defeated by a newer invasion technology.It’s a never ending battle. Such fun? Let’s spend more time and money on that one.I’m not buying a new steel door. Yes someone could kick in the one I have. My patients know I have cheap door, look at it every visit and seem fine with it. Sorry, I couldn’t find one that was HIPAA certified. That’s full disclosure.Ask you patients if they have a problem with calling you on the phone or using regular email.People that have an issue are rare. Actually haven’t met one yet.Why take a burden your patients haven’t ask you to carry?HIPAA requires we disclose what we do?I do what my patients do – I use non secure phone, email, fax etc.Want more security – just tell them to make an appointment.I have no celebrity patients, mine live on FaceBook.The answer is not more security. The question is why offer or pretend to offer what no one is asking for?IMHO. From: [mailto: ] On Behalf Of Sangeetha MurthySent: Thursday, February 23, 2012 12:16 PMTo: Subject: Re: new finds So your objections are really in general to any product that is not housed in your office- not to any product in particular?Sangeetha Sangeetha ,Jargon abounds. HIPAA data certification does not exist. Never has and probably never will. That’s what my overpaid expert told me.As for their jargon, really can’t say – I’m not an expert.With that, I’ll share a thought I posted a few days ago to another group. In my opinion, there remains a simple solution to the question of using telephones, email, fax, etc. Just tell all patients you use the same technology they use at home and that you can provide little assurance of security beyond locking your doors at night. The HIPAA requirement for full disclosure is then settled. Anyone wishing a higher level of security should make an appointment to discuss their needs. Be sure to mention that cheap devices for listening through walls are also available and for all you know your entire office has been bugged. The reality is that a determined person can fool your staff into giving away information in ways that evolve daily and often are way ahead of the virus/malware software defenses we wish would make life easier. Notice that no major business or government organization has been able to remain secure despite their enormous security budgets. RSA has been hacked! Same for IBM, State Department, all branches of military, Microsoft, Apple, etc. Do we really expect to do better or do our patients expect this. Why should we set ourselves up for failure by suggesting we can be as secure? Really, our patients use non secure telephone, fax and email everyday to disclose every aspect of their life. Our patients live in a FaceBook world. I don’t see a patient rebellion over a simple policy – “we use a firewall, virus protection and cross our fingers for good luck - the same thing you do.’ Aside from a few celebrities that made national news, the number of cases where a person was harmed by a hacker accessing their information is minuscule. They make great stories for consultants selling security services and insurance companies selling their lucrative solutions but what relevance do they have to hundreds of millions of ordinary people trying to obtain affordable health care? Given there are no specific HIPAA data requirements, why should we add them to our burden? Tell me what I’m missing. Neighbors, MDHuntsville, Alabama Solo using FlexMedical EMR/Billing since 2/2009Attested MU in 2011 From: [mailto: ] On Behalf Of Sangeetha MurthySent: Thursday, February 23, 2012 11:56 AMTo: Subject: Re: new finds , There's a lot of jargonish documentation on their FAQs page with some numbers etc. I wont pretend to understand it. Maybe you could help interpret it?Sangeetha Sangeetha, just a tiny problem with zsentry.com’s claims. There is no authorized HIPAA security certification that I know of. No doubt they sell something more secure than regular email but claiming it’s certified is funny. Well, that’s what an overpaid health IT consultant told me a few weeks ago. Tell me I’m wrong. Really, I want to be certified too. From: [mailto: ] On Behalf Of Sangeetha MurthySent: Thursday, February 23, 2012 11:02 AMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 Let’s see. They have thousands of ways to steal your identity and now there is one more.That sounds about right to me From: [mailto: ] On Behalf Of PrattSent: Thursday, February 23, 2012 12:28 PMTo: Subject: Re: new finds I know plenty of people (including myself) who have had their identities stolen. No bodily harm, and not really any financial loss because the banks/credit cards pick that up. But loss of productivity having to deal with closing accounts, getting new cards, etc is a real pain. Aside from a few celebrities that made national news, the number of cases where a person was harmed by a hacker accessing their information is minuscule. They make great stories for consultants selling security services and insurance companies selling their lucrative solutions but what relevance do they have to hundreds of millions of ordinary people trying to obtain affordable health care? Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 No, I really am looking for a better translation of the documentation on their website.. ( motives philosophies, lets move that to another thread :)anybody? Sangeetha The world of security evolves daily.Tomorrow you will likely discover your best laid plans defeated by a newer invasion technology. It’s a never ending battle. Such fun? Let’s spend more time and money on that one.I’m not buying a new steel door. Yes someone could kick in the one I have. My patients know I have cheap door, look at it every visit and seem fine with it. Sorry, I couldn’t find one that was HIPAA certified. That’s full disclosure. Ask you patients if they have a problem with calling you on the phone or using regular email.People that have an issue are rare. Actually haven’t met one yet. Why take a burden your patients haven’t ask you to carry?HIPAA requires we disclose what we do? I do what my patients do – I use non secure phone, email, fax etc.Want more security – just tell them to make an appointment. I have no celebrity patients, mine live on FaceBook.The answer is not more security. The question is why offer or pretend to offer what no one is asking for? IMHO. From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 12:16 PMTo: Subject: Re: new finds So your objections are really in general to any product that is not housed in your office- not to any product in particular? Sangeetha Sangeetha ,Jargon abounds. HIPAA data certification does not exist. Never has and probably never will. That’s what my overpaid expert told me.As for their jargon, really can’t say – I’m not an expert. With that, I’ll share a thought I posted a few days ago to another group. In my opinion, there remains a simple solution to the question of using telephones, email, fax, etc. Just tell all patients you use the same technology they use at home and that you can provide little assurance of security beyond locking your doors at night. The HIPAA requirement for full disclosure is then settled. Anyone wishing a higher level of security should make an appointment to discuss their needs. Be sure to mention that cheap devices for listening through walls are also available and for all you know your entire office has been bugged. The reality is that a determined person can fool your staff into giving away information in ways that evolve daily and often are way ahead of the virus/malware software defenses we wish would make life easier. Notice that no major business or government organization has been able to remain secure despite their enormous security budgets. RSA has been hacked! Same for IBM, State Department, all branches of military, Microsoft, Apple, etc. Do we really expect to do better or do our patients expect this. Why should we set ourselves up for failure by suggesting we can be as secure? Really, our patients use non secure telephone, fax and email everyday to disclose every aspect of their life. Our patients live in a FaceBook world. I don’t see a patient rebellion over a simple policy – “we use a firewall, virus protection and cross our fingers for good luck - the same thing you do.’ Aside from a few celebrities that made national news, the number of cases where a person was harmed by a hacker accessing their information is minuscule. They make great stories for consultants selling security services and insurance companies selling their lucrative solutions but what relevance do they have to hundreds of millions of ordinary people trying to obtain affordable health care? Given there are no specific HIPAA data requirements, why should we add them to our burden? Tell me what I’m missing. Neighbors, MDHuntsville, Alabama Solo using FlexMedical EMR/Billing since 2/2009Attested MU in 2011 From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:56 AMTo: Subject: Re: new finds , There's a lot of jargonish documentation on their FAQs page with some numbers etc. I wont pretend to understand it. Maybe you could help interpret it? Sangeetha Sangeetha, just a tiny problem with zsentry.com’s claims. There is no authorized HIPAA security certification that I know of. No doubt they sell something more secure than regular email but claiming it’s certified is funny. Well, that’s what an overpaid health IT consultant told me a few weeks ago. Tell me I’m wrong. Really, I want to be certified too. From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:02 AMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 For what it's worthhttp://www.wilderssecurity.com/showthread.php?t=279029 Sangeetha No, I really am looking for a better translation of the documentation on their website.. ( motives philosophies, lets move that to another thread :)anybody? Sangeetha The world of security evolves daily.Tomorrow you will likely discover your best laid plans defeated by a newer invasion technology. It’s a never ending battle. Such fun? Let’s spend more time and money on that one.I’m not buying a new steel door. Yes someone could kick in the one I have. My patients know I have cheap door, look at it every visit and seem fine with it. Sorry, I couldn’t find one that was HIPAA certified. That’s full disclosure. Ask you patients if they have a problem with calling you on the phone or using regular email.People that have an issue are rare. Actually haven’t met one yet. Why take a burden your patients haven’t ask you to carry?HIPAA requires we disclose what we do? I do what my patients do – I use non secure phone, email, fax etc.Want more security – just tell them to make an appointment. I have no celebrity patients, mine live on FaceBook.The answer is not more security. The question is why offer or pretend to offer what no one is asking for? IMHO. From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 12:16 PMTo: Subject: Re: new finds So your objections are really in general to any product that is not housed in your office- not to any product in particular? Sangeetha Sangeetha ,Jargon abounds. HIPAA data certification does not exist. Never has and probably never will. That’s what my overpaid expert told me.As for their jargon, really can’t say – I’m not an expert. With that, I’ll share a thought I posted a few days ago to another group. In my opinion, there remains a simple solution to the question of using telephones, email, fax, etc. Just tell all patients you use the same technology they use at home and that you can provide little assurance of security beyond locking your doors at night. The HIPAA requirement for full disclosure is then settled. Anyone wishing a higher level of security should make an appointment to discuss their needs. Be sure to mention that cheap devices for listening through walls are also available and for all you know your entire office has been bugged. The reality is that a determined person can fool your staff into giving away information in ways that evolve daily and often are way ahead of the virus/malware software defenses we wish would make life easier. Notice that no major business or government organization has been able to remain secure despite their enormous security budgets. RSA has been hacked! Same for IBM, State Department, all branches of military, Microsoft, Apple, etc. Do we really expect to do better or do our patients expect this. Why should we set ourselves up for failure by suggesting we can be as secure? Really, our patients use non secure telephone, fax and email everyday to disclose every aspect of their life. Our patients live in a FaceBook world. I don’t see a patient rebellion over a simple policy – “we use a firewall, virus protection and cross our fingers for good luck - the same thing you do.’ Aside from a few celebrities that made national news, the number of cases where a person was harmed by a hacker accessing their information is minuscule. They make great stories for consultants selling security services and insurance companies selling their lucrative solutions but what relevance do they have to hundreds of millions of ordinary people trying to obtain affordable health care? Given there are no specific HIPAA data requirements, why should we add them to our burden? Tell me what I’m missing. Neighbors, MDHuntsville, Alabama Solo using FlexMedical EMR/Billing since 2/2009Attested MU in 2011 From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:56 AMTo: Subject: Re: new finds , There's a lot of jargonish documentation on their FAQs page with some numbers etc. I wont pretend to understand it. Maybe you could help interpret it? Sangeetha Sangeetha, just a tiny problem with zsentry.com’s claims. There is no authorized HIPAA security certification that I know of. No doubt they sell something more secure than regular email but claiming it’s certified is funny. Well, that’s what an overpaid health IT consultant told me a few weeks ago. Tell me I’m wrong. Really, I want to be certified too. From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:02 AMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 23, 2012 Report Share Posted February 23, 2012 Here is anotherhttp://www.emrandhipaa.com/emr-and-hipaa/2010/12/23/email-is-not-hipaa-secure/ and I cant say I understand much of anything.Sangeetha For what it's worthhttp://www.wilderssecurity.com/showthread.php?t=279029 Sangeetha No, I really am looking for a better translation of the documentation on their website.. ( motives philosophies, lets move that to another thread :)anybody? Sangeetha The world of security evolves daily.Tomorrow you will likely discover your best laid plans defeated by a newer invasion technology. It’s a never ending battle. Such fun? Let’s spend more time and money on that one.I’m not buying a new steel door. Yes someone could kick in the one I have. My patients know I have cheap door, look at it every visit and seem fine with it. Sorry, I couldn’t find one that was HIPAA certified. That’s full disclosure. Ask you patients if they have a problem with calling you on the phone or using regular email.People that have an issue are rare. Actually haven’t met one yet. Why take a burden your patients haven’t ask you to carry?HIPAA requires we disclose what we do? I do what my patients do – I use non secure phone, email, fax etc.Want more security – just tell them to make an appointment. I have no celebrity patients, mine live on FaceBook.The answer is not more security. The question is why offer or pretend to offer what no one is asking for? IMHO. From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 12:16 PMTo: Subject: Re: new finds So your objections are really in general to any product that is not housed in your office- not to any product in particular? Sangeetha Sangeetha ,Jargon abounds. HIPAA data certification does not exist. Never has and probably never will. That’s what my overpaid expert told me.As for their jargon, really can’t say – I’m not an expert. With that, I’ll share a thought I posted a few days ago to another group. In my opinion, there remains a simple solution to the question of using telephones, email, fax, etc. Just tell all patients you use the same technology they use at home and that you can provide little assurance of security beyond locking your doors at night. The HIPAA requirement for full disclosure is then settled. Anyone wishing a higher level of security should make an appointment to discuss their needs. Be sure to mention that cheap devices for listening through walls are also available and for all you know your entire office has been bugged. The reality is that a determined person can fool your staff into giving away information in ways that evolve daily and often are way ahead of the virus/malware software defenses we wish would make life easier. Notice that no major business or government organization has been able to remain secure despite their enormous security budgets. RSA has been hacked! Same for IBM, State Department, all branches of military, Microsoft, Apple, etc. Do we really expect to do better or do our patients expect this. Why should we set ourselves up for failure by suggesting we can be as secure? Really, our patients use non secure telephone, fax and email everyday to disclose every aspect of their life. Our patients live in a FaceBook world. I don’t see a patient rebellion over a simple policy – “we use a firewall, virus protection and cross our fingers for good luck - the same thing you do.’ Aside from a few celebrities that made national news, the number of cases where a person was harmed by a hacker accessing their information is minuscule. They make great stories for consultants selling security services and insurance companies selling their lucrative solutions but what relevance do they have to hundreds of millions of ordinary people trying to obtain affordable health care? Given there are no specific HIPAA data requirements, why should we add them to our burden? Tell me what I’m missing. Neighbors, MDHuntsville, Alabama Solo using FlexMedical EMR/Billing since 2/2009Attested MU in 2011 From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:56 AMTo: Subject: Re: new finds , There's a lot of jargonish documentation on their FAQs page with some numbers etc. I wont pretend to understand it. Maybe you could help interpret it? Sangeetha Sangeetha, just a tiny problem with zsentry.com’s claims. There is no authorized HIPAA security certification that I know of. No doubt they sell something more secure than regular email but claiming it’s certified is funny. Well, that’s what an overpaid health IT consultant told me a few weeks ago. Tell me I’m wrong. Really, I want to be certified too. From: [mailto: ] On Behalf Of Sangeetha Murthy Sent: Thursday, February 23, 2012 11:02 AMTo: Subject: new finds Hello, My new finds zsentry.com ( to send and receive secure replies with google apps/gmail- very interesting product- This has really given me more communication options/ ability to set expectations) $80/yr. I have a jumbleme window set up for incoming secure messageson the web site. I do not want to have patients sign up for anything new ( avado etc etc), because they will eventually have to use PRACTICE fUSIOAN'S portal ( when oh when?) Onecallnow.com ( recorded messages delivered to those without email- again for standard replies- you need an appointment, your refill /procedure has been requested/authorised. Please call your insurance company etc etc- takes a lot of pressure off of the front desk/me) The android app is awesome. $30/250 credits/12 months and higher tiers available and a host of chrome extensions that I have used for custom urls to pop out so I dont have to change windows when I research something ( the urls I use are codapedia search box, physician directory, the ipa's formualry, a google search box) If you are interested , I can send you the extensions. Sangeetha Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You are posting as a guest. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.