Introduction:
For the last 10 years our hospital-based physician group has been using Excel to record, store, and analyze our physician-patient encounter data. Since the
Excel data has been stored on an intranet share-drive, accessible only to the physicians in our group, the data has not been password protected nor
encrypted. Neither our compliance nor IT departments have ever raised any concerns regarding HIPAA complaince - at least as it relates to our Excel data.
It was in this context that I decided to upgrade our 'database' by creating an Alpha Five desktop application. The A5 dbf files would be stored on a
share-drive analogous to the share-drive that housed our Excel data. Therefore the A5 dbf files would be at least as secure as our Excel files had been. In fact, with the added A5 password protection and encryption (such as it is), the dbf files would be even more secure. In addition, one of our hospital IT managers told me that HIPPA rules were independent on any particular technology - i.e., as long as I had adequate password protection, the dbf files would be acceptable in this case.
The Meat:
Unfortunately, now that my A5 application is nearly completed and ready to be installed, another member of our IT department is now raising a red HIPPA flag about the dbf issue. I am now told that HIPPA rules have some very specific technological requirements. In particular, dbf files are apparently not acceptable. I am told that the database must be an sql database. So, at this point I would like some expert advice. What would be the least painful way to re-cast my application? Keep in mind that this was my first A5 project and that I still consider myself an A5 novice. Some ideas that have occurred to me are:
1. Start from scratch with a web application based on a sql datatbase? Even though my current app is comprised of only a single, 2-table set (one-to-many), it has about 20 forms. Therefore, re-casting would not be trivial. Also, I currently know next-to-nothing about developing a web app.
2. Keep my current desktop forms and layouts, but somehow incorporate 'direct sql' to populate an sql database. For this reason, I have watched all the following videos: http://wiki.alphasoftware.com/Learni...ith+SQL+Tables. Though I understand the general principles presented, I am having difficulty understanding how I can incorporate these xbasic/sql commands into my current application.
3. Pay someone to do one of the above.
Any thoughts? Any advice?
Thanks,
Jim
For the last 10 years our hospital-based physician group has been using Excel to record, store, and analyze our physician-patient encounter data. Since the
Excel data has been stored on an intranet share-drive, accessible only to the physicians in our group, the data has not been password protected nor
encrypted. Neither our compliance nor IT departments have ever raised any concerns regarding HIPAA complaince - at least as it relates to our Excel data.
It was in this context that I decided to upgrade our 'database' by creating an Alpha Five desktop application. The A5 dbf files would be stored on a
share-drive analogous to the share-drive that housed our Excel data. Therefore the A5 dbf files would be at least as secure as our Excel files had been. In fact, with the added A5 password protection and encryption (such as it is), the dbf files would be even more secure. In addition, one of our hospital IT managers told me that HIPPA rules were independent on any particular technology - i.e., as long as I had adequate password protection, the dbf files would be acceptable in this case.
The Meat:
Unfortunately, now that my A5 application is nearly completed and ready to be installed, another member of our IT department is now raising a red HIPPA flag about the dbf issue. I am now told that HIPPA rules have some very specific technological requirements. In particular, dbf files are apparently not acceptable. I am told that the database must be an sql database. So, at this point I would like some expert advice. What would be the least painful way to re-cast my application? Keep in mind that this was my first A5 project and that I still consider myself an A5 novice. Some ideas that have occurred to me are:
1. Start from scratch with a web application based on a sql datatbase? Even though my current app is comprised of only a single, 2-table set (one-to-many), it has about 20 forms. Therefore, re-casting would not be trivial. Also, I currently know next-to-nothing about developing a web app.
2. Keep my current desktop forms and layouts, but somehow incorporate 'direct sql' to populate an sql database. For this reason, I have watched all the following videos: http://wiki.alphasoftware.com/Learni...ith+SQL+Tables. Though I understand the general principles presented, I am having difficulty understanding how I can incorporate these xbasic/sql commands into my current application.
3. Pay someone to do one of the above.
Any thoughts? Any advice?
Thanks,
Jim
)
Comment