Niner Niner, a collaborative weblog network, has over 25 great blogs and this “Best Of” highlights just a few of the posts that were written by some of the Niner authors, in topics that range from High Heels, Ajax, HIPAA Privacy Regulation to gadgets, books and health. 

In Ajax Blog, Sreejith introduces us to a few new things. First is Vox a new blogging service from Six Apart that uses WYSIWYG with a taste of web 2.0. After that we learn about Krun.ch and Wishlistr.

Blogging Naked: Scarification and lip plates are shown to be some of the newest and more popular form of “self-expression” in recent years.

Bookadoodle: Nancy Callahan posted more in her series “Getting Published” and this latest edition was part 5.

Boomer 2.0 had posts that pointed out that boomers can still have that second career and another that shows many are not even planning retirement anytime soon.

In Class Action Questions find out about lawsuits involving pyramid scams, hair raising beauty product claims and why State Farm was penalized.

Credit Cardenza: Unfortunately, millions of people are drowning in  credit card debt, have to worry about credit scams and fraud, and let’s not even talk about the international fees.

Dealsneak managed to sneak more than a few deals pass us this summer including, the Samsonite laptop case, a gorgeous leather bench, and a sweet looking Thermaltake Tsunami computer case.

Feed Money discusses the fact the Ebay has jumped on the contextual ad bandwagon as well as blog feeds and a program called RSS To Blog.

If you need to Fix Your Finances one of the first steps is learning how to save your money. After that you can check out Mvelopes to learn all about budgets.

At Games For Money you can find places to play free online gambling games and also learn some card counting tricks and tips.

The High Heels Blogs show us which killer heels are on sale including boots, sandals, slides and mules. Also take a look at some killer wedding heels for this summers nuptials.

A few notable gadgets that were blogged in the HyperGadget blog were the Kurzweil-National Federation of the Blind Reader, and the jumbled and messy looking organizer.

Over at the Medcare Forum, Kathleen Milazzo tells us more about that scary mad cow disease and our medical privacy laws.

Find out just how much house you can afford before you go running off to get that mortgage. And is the housing bubble really ready to blow? All this and more in Mortgage Updates.

At My Secret Side Biz learn how to make a profit, how to get your own powerwash, and simple business and Ebay tips.

On Healthy Living: Sarah White tells us all about a new study that could help with asthma reduction when it comes to do light exercise that involves stead breathing like yoga.

On Movies has a decade of super heroes list that includes recent and unreleased movies. Leafworks reviewed The Omen and we got to see the trailer for the new Ghost Rider movie.

Powersellers Blog: Ebay has done it. They finally reached 200 million members and they are also expanding into new ideas. Also people are fed up with Paypal while crooks are finding more ways to defraud your account.

Seo Updates: Yahoo one of the biggest email services was hit with a worm and Google expanded into real estate but won’t be making a browser, at least not anytime soon.

Get some free exercise tips from The Diet Logs. You will certainly need them if you plan to take a bite of this $100 burger.

Living the Single life? Well take a look at some great break up lines and if your looking to meet people Leafworks posted a great review of club La Rumba.

Thumb Gods: Nintendo is no, no to the name Wii for their new console a game system that is at the end of this long list containing The Evolution of Video Game Consoles.

Las Vegas Revealed that it was ill prepared for a massive disaster, but til then you can still get married and get comp’d in Vegas.

Wander the World, well the State of Colorado with Leafworks. He takes us to the Cherry Blossom Festival, Gothnic in Denver, Old Colorado City, Plaza del Arte Festival in Downtown Denver and Garden of the Gods.

While some are up in arms about the whole Rush Limbaugh Viagra privacy debacle, I am more interested in all the thefts that been going on. It seems to be a recurring story week after week.

Only recently the Federal Trade Commission had their own breach, which was due to someone stealing a laptop from an employees vehicle. A lot of these problems seem to be happening because employees have laptops and private files with millions of data on hundreds of thousands of people and no one is doing a thing about it.

I really would have thought that companies would take a look at what’s happening and start changing the way information is handled when it comes to employees taking it with them.

I would take a large guess that until some of the information stolen belongs to a celebrity or someone in Congress, not a damn thing is going to be done. If you are one of the people affected I guess they will sing you the tune of too bad, so sad.

Wireless LAN’s are convenient and allows for portablity. However they are very dangerous when it comes to security because even with a password, some technical individuals can still break their way through the encryption.

Siemens Communications Inc. has announced today that they have released a modular extention called HiPath Wireless Manager Advanced (HWMA) that will improve wireless security with intrusion detection and prevention.

“The Siemens HiPath Wireless Manager Advanced platform helps enterprises improve network efficiencies, prevent network attacks and respond to security challenges,” said Stefan Miesbach, CEO of the HiPath Wireless Division at Siemens. “The HWMA solution is also an important part of Siemens’ vision to make enterprise mobility easy - including enterprise data networking as well as the emerging need for unified on-the-go communication across all mobile and vertical business applications.”

Via Wireless IQ

Brabeion Software has updated their products with a new software called Brabeion Compliance Center 6.0. It allows users to keep up with regulatory compliance.

“With the addition of these regulatory modules, Chevron is better positioned to more proactively manage, deploy, and mitigate ongoing compliance efforts for SOX, HIPAA and other global regulatory requirements,” said Jay White, Global Information Protection Architect, Chevron. “Never before have we been able to implement easily and quickly such a comprehensive solution across our widely distributed information assets for compliance with external and internal regulations and security protocols.”

Brabeion Compliance Center is designed to significantly decrease the time and cost of implementing an IT compliance program, while providing unparalleled support for specific government and industry regulations. The solution includes modules for Sarbanes-Oxley (SOX), the Healthcare Information Privacy and Accountability Act (HIPAA), the Federal Information Systems Management Act (FISMA), the Gramm-Leach Bliley Act (GLBA), California SB 1386 and NIST 800-53. Brabeion Software plans to launch additional modules later this year.

Source: Thomas Net

Configuresoft makes software that helps clients manage their technology and privacy concerns. This software can audit and monitor both your hardware and software allowing you to spend your time elsewhere. Configuresoft has now updated this already impressive software.

Colorado Springs-based ConfigureSoft has upgraded its Enterprise Configuration Manager (ECM) software. The firm said yesterday that its latest version, 4.8, of its software tool adds a new dashboard capability, better support for operating system platforms, including new 64-bit Windows, and cross-platform toolkits for various compliance regulations. Configuresoft’s software is used for monitoring IT infrastructure for compliance with Sarbanes-Oxley (SOX), HIPAA, and other regulations.

Source: Tech Rockies

Dawn Burriss of Optimize Magazine has written a wonderful article on the HIPAA regulations and whether it has really changed anything at all. She has first hand knowledge of how everything used to be before going electronic and helped mold what we now know as HIPAA.

“More than a decade ago, I had the opportunity to help shape the early health-care transaction standards that would one day become HIPAA. I worked on the American National Standards Institute’s X12 835 committee to define the first version of standard remittance advice, which is now a HIPAA standard. Back then, we could only imagine a time when the health-care industry would give up its paper processes and go electronic. Thanks to HIPAA and the hard work of several industry organizations, standardized formats finally arrived, and electronic-transaction usage increased as a direct result.”

“The Department of Justice now has the authority to pursue only violations of the most egregious nature—those that represent deliberate misuse of patient information. The penalties for lesser violations, such as inadvertent disclosures of health information, were set in the original HIPAA legislation and aren’t, at first glance, particularly onerous: a minimum of $100 per violation per year, and a maximum of $25,000 per year per violation. The real deterrent isn’t the fines themselves, but the bad publicity that befalls an organization when fines are imposed.”

Full Article

A Congressional health subcommittee heard testimony on plans to develop a new medical information database in the United States, and experts said a new federal privacy law would be needed to expand HIPPA to cover the database, according to a story by UPI.

HIPPA covers breaches of health privacy by health plans and providers, but doesn’t say anything about other people who might access medical information such as medical transcribers hired by doctors or even hackers.

A new federal law would have to make sharing medical information a crime for anyone with access to that information. Experts urged that passing of a law to cover the database before that system is put in place, instead of trying to write a law to fit the new technology once it is already in place.

Right now there is a patchwork of state laws covering the privacy of medical records in addition to HIPPA. About 17,000 claims have been filed under HIPPA, but action has only been taken against one company.

Privacy advocates warn that a law that does not give patients the right of consent to say who can and cannot access their records will quickly erode the patients’ right to privacy. The right of consent was removed from HIPPA in 2002.

H.R. 4157 in Congress would establish a nationwide health infrastructure. It is much more complicated than the current system for tracking patient records and, as such, Blue Cross and Blue Shield has said the timetable for implementing the system as outlined in the bill is too ambitious.

For more on the bill before Congress, visit Thomas.

We know that the only survivor in the West Virginia mine explosion is still in critical condition, he hasn’t awoken and he’s not breathing on his own. Daniel Engber of Slate asks an interesting question. Exactly how much information are the doctors allowed to give the press?

How much detail

InformationWeek is reporting:

A federal advisory panel on Tuesday issued a 14-point report of recommendations for what’s needed to develop, implement, and foster the secure nationwide exchange of electronic medical information.

The report was issued by the Commission on System Interoperability, which was created by Congress as part of the Medicare Modernization Act of 2003. The commission was charged with developing recommendations, priorities, and a timeline for implementing an electronic health information exchange network.

A nationwide healthcare system would be a ripe target for hackers. Let’s hope these recommendations are heeded by the Federal gov.

Not only could the suggestions reduce security threats, but also help save lives.

As you know, medical mistakes such as prescriptions being filled incorrectly, cost thousands (if not hundreds of thousands) of lives yearly.

The article continues:

Government researchers estimate that health IT, like physician order-entry and standards-based electronic medical record systems, can help reduce tens of thousands of medical mistakes and billions of dollars in health-care costs annually in the U.S. There are already a handful of incentive programs underway by some private insurers, as well as a Medicare pilot program, that reward health-care providers who improve their quality-of-patient care using health IT.

Read more here

Here’s an interesting twist on the old federal vs. state jurisdictional dispute.

First Amendment Center is reporting:

COLUMBUS, Ohio — A newspaper wants to report on homes, many of them rented, where lead paint has harmed children. The city health department fears federal fines and penalties if it complies with the state’s open-records law.

In what attorneys say is one of the first such tests nationwide, the Ohio Supreme Court must decide if state law trumps the federal rule.

The 2-year-old federal Health Insurance Portability and Accountability Act prohibits health insurers, medical care providers and entities that process medical information from releasing any information that identifies the patient. However, the information can be released by a public agency if a state records law mandates it.

This seems like one of those grey areas of the law where the legislature did not fully understand some of the ramifications of HIPAA legislation.

Read more here

Just catching up on a bit of HIPAA / Healthcare / Privacy news of late.

Seems IBM announced that it was acquiring Healthlink, the largest U.S. consulting firm dedicated to the health-care industry.

Rochelle Garner of CRN reports:

IBM announced Tuesday that it will buy Healthlink, the largest U.S. consulting firm dedicated to the health-care industry. The acquisition gives IBM Global Services the domain expertise of Healthlink’s 550-person professional organization, including 300 physicians, nurses and pharmacists. Terms of the deal were not disclosed.

The acquisition is the second in one week in which a large IT consulting company acquired the health-care expertise of another. Last week, Accenture paid $175 million to buy the U.S. health-care practice of Capgemini. The 600 North American employees of Europe’s largest consulting company will join Accenture’s Health and Life Sciences practice in North America, the companies said. Paris-based Capgemini will retain its outsourcing contracts with U.S. health-care clients as well as continue health-care consulting in the federal public sector.

Well, the deadline to complete the security requirements of HIPAA passed yesterday with little fanfare.

Internet News has the scoop:

“Considering everything that is involved with compliance, there are a lot of factors as to why some companies may not have completed it,” Earl Crane, a senior consultant with Foundstone Professional Services, said. Foundstone, a subsidiary of McAfee, is a leading HIPAA consultant and security software provider.

Some scary compliance stats:

However, a study from Information Technology Solution Providers Alliance shows that only 30 percent of health plans and 18 percent of health care providers in the SMB market are in compliance with the regulations.

“They’ve got their own fires to put out,” Crane said. “It doesn’t happen out of laziness but rather a crunch for resources,” he said.

Read more here

On April 18, 2005, the Federal Register published the proposed rule regarding enforcement of the HIPAA Administrative Simplification Rule. Comments on the proposed rule will be considered by the Department of Health and Human Services if received no later than June 17, 2005.

To read the proposed rule, click here.

(via privacy spot)

Techweb reports:

Enforcement of the security regulations–like earlier HIPAA rules for privacy–will be complaint-driven, he says. Since the HIPAA privacy regulations, which identify what personal health information needs to be protected, took effect two years ago this month, there have been nearly 11,000 complaints filed to the federal government by patients and others. As of January, about 62% of those privacy-violation complaints had been resolved, according to CMS. The others are still being processed or have been turned over to the Justice Department for criminal investigation.

Interesting survey stats:

A survey conducted earlier this year by Privacy and American Business and Harris Interactive showed that 70% of Americans are concerned that their personal health information could be disclosed because of weak data security, and 69% think electronic health records could result in the sharing of their health information without their knowledge. Sixty-five percent think patients will withhold information from doctors because of those concerns.

Some background on HIPAA, and Bush’s goals for electronic medical records:

HIPAA, which was passed by Congress in 1996, was written before the more recent federal push to have the health industry replace paper-based patient files with digital records. The Bush administration last year set a goal for most Americans to have electronic health records by 2014. The government estimates that billions of dollars can be saved annually in the United States by widespread IT deployments that can help reduce medical errors, costs, and waste.

Jeff over at the other HIPAA Blog points out a medblogger who also notes the San Jose computer theft incident.

The only problem? It’s not a HIPAA violation as they claim. (This according to Jeff Drummond, a guy who certainly knows his stuff.)

Jeff Drummond:

Grand Rounds is up, this time at GruntDoc, an ER doc blogging from the other half of the North Texas Metroplex, affectionately known as Foat Wuth. He links to a medblogger who notes the San Jose medical group’s computer theft incident I blogged recently, and says it’s a HIPAA violation; I disagree, at least with the long-distance diagnosis. The fact that something bad happens doesn’t mean there’s a HIPAA violation. The fact that PHI gets improperly disclosed doesn’t mean that there’s a HIPAA violation. HIPAA doesn’t require that PHI never get out wrongly, it just requires that covered entities take reasonable steps to try to prevent that.

There’s the key: ‘The fact that PHI gets improperly disclosed doesn’t mean that there’s a HIPAA violation.’