Hey, while you're right, the storing of IP addresses does require HIPAA compliancy, it can be solved with a simple SSL certificate and acknowledgement of nothing being stored.
If OP created the site, shoot me an email (in my profile) and I'll give you an SSL certificate. Pretty sure HIPAA compliance isn't mandatory here, though.
nicarus1984|11 years ago
Maybe I'm just overly paranoid - having dealt with medical claim data for years has reinforced this though - but isn't it walking a fine line with HIPAA to accept individuals' procedure codes? It doesn't even appear to use SSL/TLS, so I doubt this is HIPAA compliant. I know a name isn't sent over, but it can be trivial to identify someone via their IP address, right? Why not at least go that extra step to protect this information?
Additionally, how do you make sure the information (i.e. payment amount, etc.) is accurate?
Also, doesn't seem to work correctly on Win7 Chrome.
HealthNut|11 years ago
Procedure codes are an alternative method of inputting bills into the database, as sometimes procedure names are too lengthy. Every bill has either a CPT, HCPCS, or ICD code, all of which are non-identifying, and unique to each procedure/diagnosis.
Thanks for your concern though and please email me if you want to continue discussing: ethan@comparedcare.com
iancarroll|11 years ago
HealthNut|11 years ago
https://www.youtube.com/watch?v=EkZQT8TzMfY
unknown|11 years ago
[deleted]