Hello,

I am looking for any opensource package for "appointment system" for
doctors, please let me know. This is just o take Name/Phone/time,
incase if there is not any opensource, then is it hard to implement
using web/php/mysql?. Please let me know.

GS

GS wrote:
> Hello,
>
> I am looking for any opensource package for "appointment system" for
> doctors, please let me know. This is just o take Name/Phone/time,
> incase if there is not any opensource, then is it hard to implement
> using web/php/mysql?. Please let me know.
>
> GS
>

Don't know of one offhand, but a caution. If you're in the U.S., you need to be
very careful. This could be covered by HIPAA and security would be very important.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

"Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
news:9ZadnRMPk_zivcnZnZ2dnUVZ_tednZ2d@comcast.com. ..
> GS wrote:
> > Hello,
> >
> > I am looking for any opensource package for "appointment system" for
> > doctors, please let me know. This is just o take Name/Phone/time,
> > incase if there is not any opensource, then is it hard to implement
> > using web/php/mysql?. Please let me know.
> >
> > GS
> >
>
> Don't know of one offhand, but a caution. If you're in the U.S., you need
to be
> very careful. This could be covered by HIPAA and security would be very
important.
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstucklex@attglobal.net
> ==================
Your so right!! And not only doctors, but also anyone or organization that
deals with personal data that could be considered diagnostic. (support
groups, therapy etc.) I've been bitten by this dog already.

Al Kolff alkolffx@eartlink.net
remove the x
"Experience is a hard teacher because she gives the test first, the lesson
afterward. But properly learned, the lesson forever changes the man."
~ Randy Alcorn, Safely Home

Jerry Stuckle wrote:
>> This could be covered by HIPAA and security would be very important.

What more can someone do beyond basic passwords to keep unwanted users
out? I dont see how personal info needs to be treated with the same
security as credit card and social security numbers.

veg_all@yahoo.com wrote:

> What more can someone do beyond basic passwords to keep unwanted users
> out?

Here are some examples. Not very practical, but sometimes might be even
required.

- Using strong passwords or forcing users to use strong passwords. It
would also be possible to require two persons to login at the same time,
before data is revealed.

- Data should be kept in crypted form instead of plain text, and the
algorithm used should be strong enough to hold the privacy, even if the
algorithm itself is known. To prevent data leaking if someone steals the
hard drive or happens to gain access to the server itself.

- Access to the data can be restricted. Usually it is not required that
everyone can access to everyones data in every day. To prevent attacks
from inside and preventing someone to steal the whole database within a
single and fast attack.

- Logging can be used to save reconds of possible abuses or abuse attempts.

- There should be no access to the data via public networks, directly or
indirectly as that would give potentiaaly anyone access to the computer.

- There should be no public access to the computer that holds the data,
or is connected to the computer that holds the data. Same thing as it is
with Internet, except in smaller scale.

veg_all@yahoo.com wrote:
> Jerry Stuckle wrote:
>
>>>This could be covered by HIPAA and security would be very important.
>
>
> What more can someone do beyond basic passwords to keep unwanted users
> out? I dont see how personal info needs to be treated with the same
> security as credit card and social security numbers.
>
In the United States, giving out someone's social security or credit card number
is not a federal offense. Giving out any medical information without their
consent is. Do some searches on HIPAA.

So - if you value your freedom, any personal information having to do with the
medical field has to be guarded with even more care than credit card and social
security numbers. The law is very strict and penalties severe.

And yes, there are a number of things you can do beyond basic passwords. And
when dealing with medical information, some of these things MUST be done.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

Jerry Stuckle wrote:

> So - if you value your freedom, any personal information having to do with the
> medical field has to be guarded with even more care than credit card and social
> security numbers. The law is very strict and penalties severe.

I dont understand the logic behind this. If someone steals my cc and
ssn, I lose thousands of dollars and enormous amounts of time. If
someoen finds out I have a doctor's appointment at 2PM, what is the
loss? Regardless of what the law says, the two breaches are not of the
sams magnitude. Plus there tons of people trying to hack and find cc
and ssn numbers, but how many people are hacking to find medical
information? I understand what you are saying about the HIPAA law, but
it does not seem very practical.

veg_all@yahoo.com wrote:
>>So - if you value your freedom, any personal information having to do with the
>>medical field has to be guarded with even more care than credit card and social
>>security numbers. The law is very strict and penalties severe.
>
> I dont understand the logic behind this.

Laws are designed often for political reasons, not for reasons of
consistency with other laws.

In any case, we don't need to agree with it, it's the law and it must be
taken into account. If you're a programmer on a medical information
system, you had better learn HIPAA and do what it takes to comply, or
else the organization for whom you're designing code could suffer huge
consequences.

Regards,
Bill K.