This is part of my live-learning series! I will be updating this post as I continue through my journey. I apologize for any grammatical errors or incoherent thoughts. This is a practice to help me share things that are valuable without falling apart from the pressure of perfection.

In this live learning I discuss how to achieve HIPAA compliance. This is another walk-and-talk audio note from a beautiful July summer night in Toronto. As a software company, we have always wanted to help people with mental health and well-being. That means there may be some very serious personally identifiable information involved. In fact, some people may be in the most vulnerable states of their lives, and we want everyone, whether they are trying to heal themselves alone or with the support of others, to be confident that work is secure.

At Speak Ai, we are working towards achieving our HIPAA compliance status. In the audio note below, I talk more about this. As always, you can find these audio notes as podcasts! If you’re interested in listening to these through your favourite podcast application, please check out the links at the bottom of the content! Thanks again for all the support.



MedStack is a Toronto company co-founded by DMZ advisor Balaji Gopalan. From their website:

“Healthcare privacy compliance made easier.

Scale your digital health solution faster with MedStack’s out-of-the-box HIPAA compliance solution.

Our developer-friendly platform delivers built-in privacy and security protocols tailor-made to healthcare industry expectations, including encryption, cert and key management, backups, monitoring and logging. With MedStack’s infrastructure agnostic devOps tools and pre-written privacy policy documentation, you can significantly reduce the time and cost to build and launch hospital and insurance payer-ready digital innovations.”

Some Checklists

HIPAA Compliant Checklist 2

Thank you Atlantic!
HIPAA Compliant Checklist
Thank you CurrentWave!


Transcript (Timestamped & Unedited):


One of the things that I’m really working on in trying to understand right now is HIPAA compliance. Period. It’s a. Basically a security level protocol and some systems and documentation and ways that you deal with your own technology and your documents and forms and everything.

And it’s not necessary. You know. Generally lead North American, the United States. But is how you actually deal with. Patiently patient information in health care, electronic health records, anything like that, and if any audio or video or text information has personally identifiable information and it’s used in healthcare context. And then there’s all the sudden a lot of requirements for security and privacy, and rightfully so. So what I’m trying to figure out if it’s been working on it for a bit and there will be an audit and a lot of work

that get spreading to reaching that level and not sure. Quite expensive too, but I think it’s something very valuable and worthwhile for myself. I’m recording very vulnerable thoughts and journals into my own system, and I want to trust it and. As you store in different servers whether Amazon Web Services or Microsoft is there or Google Cloud like. There’s also things to think about there because you’re storing on another company servers and then you have to make sure that those systems are obviously compliant, so there’s a lot of work that actually goes into it,

and it’s the first time I’ve ever done something like that in the past.

You come from marketing and marketing is not the best place for how they treat that on privacy.

And frankly, people move very quickly and don’t necessarily take all the consequences for peoples privacy into into consideration. Generally, it’s you know you’re rewarded with lower customer acquisition costs and lifetime value with.

With the amount of information that’s actually capable of being retrieved.

So. Lots of things to think about as you build a company in a technology that you hope has medical,

medical grade but.

A high level of security and privacy so people feel that they can trust and and use the technology and.

For myself, I really hope to build a company in technology that that exudes that that that lives up to those standards that I know we’re not there yet. We’re not. We’re doing a lot of work on this. But It’s it’s something that I’m exploring and I’m trying to learn, and if any of you have experience with HIPAA compliance, I’d love to understand this in Canada this pita. More than that, we’re looking at GDP. Are we looking at all these different levels of security and privacy? That’s actually required in? And again,

I’m, I’m glad these things are coming into place. Spell it. I’m also having to.

Figured out the best I can, and it’s not necessarily an easy thing to do, so I would appreciate anyone who knows how to do this. There’s a couple options and I’m just walking down internally. Just saw Fox, I make sure.

Hello, I will move a little bit over your way.

Don’t think you’re going to harm me.

I hope not. Anyways got some docs coming though. Here’s the difference between the audio and text experience. People would have no idea what I’m doing and texts, but maybe you can even hear the dog in the background. So one of the other articles I did was writing verses speaking and then also capturing inspiration and. How can we do that? and I I I’m laughing as I’m walking right now talking about HIPAA compliance and having those things happen.

So back to HIPAA compliance, there’s a couple of options I’ve explored and I don’t have it up in front of me. I apologize, I’m going to put this in the post, but I found one company I didn’t find Lauren, our team found it. Thank you, Lord, it looks like what is an awesome company to help with HIPAA compliance, and they’re actually working on pita as well too, so. I will share a link to that, try to share just some resources of what I found so far.

My look and talk to a lawyer. Probably going to include her information.

I don’t know if that’s unsolicited or not, so I might not. If it’s not there,

but she helped, it gives me awesome documents and just talk about it and shared that in a way. It’s maybe not as difficult as we actually make it out to be,

so that was really interesting to hear.

Thank you to Goodmans Law firm.

Actually enabling us to to do that. I’m guessing this. Is going to be a little bit of an ongoing task and I’ll continue to look into this,

so so again, part of live learning and just trying to figure out some big problems that.

People are having. For this case, it’s specifically maybe if you’re a software company trying to work in medical health care,

0:05:21 – Speaker #9
but this is important to me and I know it’s important to a lot of people ’cause I talked to companies trying to figure this out, or ones that haven’t heard about the processing. The costs of the difficulty. We’re getting a look at, so I hope it’s not too windy for you and I apologize if it is one of the things I’ve done is give myself a 10 minute limit on this. Only have 10 minutes for this specific urban. That’s actually a limitation of using our app in Android phone right now through the web browser on Android.

For some reason you’re limited to 10 minutes and actually 25 seconds.

Can they be here? I’m walking on some gravel now. The piece that I’m thinking about HIPAA compliance, just want those one company, a partner at DMV. Maybe not necessary official partner, but biology is one of the advisors for the DMV is awesome guy and is focused on basically helping companies almost automate their HIPAA compliance.

And we had awesome conversation with their team at the team there. I. I’m still trying to understand that’s the best option really. Frankly, the only situation we see is the were using a WS and there’s this based sort of on Microsoft Azure with Amazon. So the more smoother integration is coming soon, but there is something to think about there and right now it’s a bit expensive, so I’m not going to say the price points off off the top of my head, but I believe if you go to Med stack and I don’t know if it’s Med stack comed stack dot CL, I’ll post that below and you guys can check it out, but definitely something worthwhile if you start up and trying to get HIPAA compliance.

But as always, indecisive myself exploring many options. And just trying to figure out what the best one it is and always in a way this desire to try to sort of do it ourselves, even if that’s maybe not the best thing. Or, you know, in the long term, if we, if we’re successful with this, that it actually might be to be the best thing. So couple things I’m thinking about HIPAA compliance there. I’m sure there’s some other consultants, some companies that are specialized in that I’ve heard of some third party companies with API’s really just need to do a deeper look into it and.

Frankly, not doing a very good job live learning yet because I’m doing good job live learning. I’m just walking and talking, but I don’t have any Google searches or anything yet. Really have really helped me, so I’ll see if I can do that. Find some stuff and I’ll share those links in this article as well to walking amongst trees in Toronto there. From my understanding, just as a couple last notes, as I reflect on this,

and as I continue my walk to Toronto and might record one more note after this and turn it into a post and in the transcript and everything. The. HIPAA compliance is a level of privacy and security, but I think you know, maybe just like many things, maybe it’s an I. I can’t confirm this, so I’ll continue to look into this and share as I learn about it. Just because you have that level of compliance, does it really mean that you’ve actually done the job to protect your customers assets and their data and their privacy? And especially for us, you know in this company, which again, really trying to put a focus on this, because we’re trying to help with self analysis and. To do self analysis you have to you don’t have to, but if you share you know special like share about yourself intimately and try to learn and iterate and grow through self improvement and journaling and note taking and documenting your experiences and we try to help with analysis to give you back.

There’s a lot of personal information there and I really want to protect that everyone in our team wants to do that and we’re doing everything to get over the barriers of actually getting there. So look forward to sharing more and hopefully some progress on that side. With you and as always, thank you for checking this out. This will be on the website is embeddable. Poster will also be a little podcast as well too, so this is live learning style of writing. You can see I’m getting out of breath in this walk and it still wonderfully warm out here. Apologize for the sound quality, something I talk about, but you know this is this is the piece on inspiration and trying to tap into it the best way we can. Whatever time you’re reading this, listening to this. Watching this, I hope everything is is great in your life and.

Best of Luck on your journey and I hope to connect at some point. Thank you.

