[euroclydon]

I read through the electronic portions of HIPAA a while back, and I think that if you were to install a public web server in the doctor's office, run some type of forms engine on it, and use SSL, that you could get close to satisfying the IT portion of the requirements.

I think it would also be necessary to leave the customer with written procedures for managing server access.

Clearly this is very involved and not scaleable, but if anyone here is considering setting up intake forms for a medical office, take a look at OpenEMR, they just received modular ONC certification, and are soon to get complete EHR certification [1].

[1] http://en.wikipedia.org/wiki/OpenEMR#Certification

[tedjdziuba]

Wow, OpenEMR is still alive? I was one of the 4 original authors as a junior in high school. Open Source for the win.

[euroclydon]

Yeah, I was involved briefly in source. You've got to have your hip-waders on.

[tedjdziuba]

Awesome! I took a look at the source - it's unrecognizable from what we cooked up that summer. 4 high school hackers in a basement, making an EMR system for the "CEO"'s mother who was an internal medicine doctor.

There was some really horrific things in there - this was before I knew what a JOIN was, so I'm glad some of my shame is long gone.

Still, it's awesome to see that the project is still alive.

[iends]

I've done a lot of work with OpenEMR, and this explains everything. heh

[diolpah]

Completely offtopic, but seeing dozba on HN made my day.

[tedjdziuba]

I'm creepin', but I usually get downvoted to hell. Surprise surprise.