2 Replies Latest reply on Sep 12, 2013 10:48 AM by psijmons

    HIPAA and fines and jail time?

      Some recent legal postings imply that the new HIPAA regs may not only impose fines but jail time. Whew.

       

      Does anyone have any pointers to legal opinions as to a FileMaker developer's responsibility and liability for the patient security information?

       

      A client wants to let his staff log in remotely and I have raised the issue of not being able to control who looks at the screen, etc. and children or adults may view patient data that might end up in the National Enquirer, for an extreme example.

       

      What are my obligations in this regard other than saying, "Wow!" and so on?

       

      Is there any FAQ, etc. covering a developer's responsibilities and how to protect oneself in the event of such a catastrophic event? Is the developer responsible for the remote user's actions or problems arising from them?

       

      What obligation does my client have to control the staff members logging in remotely if this is allowed?

       

      We all know how easy it is to do screen captures, export if allowed, printing, emailing, etc.

       

      Somewhat amusing is that the person wanting this remote access left his laptop on the seat of his car and it was stolen. I changed his account as soon as I learned of this.