问题
Ok so I would for a branding company and we're just scratching the surface of collecting pharma data. I know a bit about HIPAA com pliancy but I guess where I'm fuzzy is..
A). when collecting data via a form, do I need to de-identify the data.. I.e. store it across separate tables etc. B). who/what has access to the functions/procedures to unencrypted any data stored. C). Can the database be a MySQL database? D). Do I need a certification/approval/license to do any of this?
Basically what do I need to do, besides encrypting the data and storing it on a HIPAA compliant server. I want to capture customer data via a form. Thanks!
来源:https://stackoverflow.com/questions/5980423/hipaa-compliancy-what-do-i-need-to-know