By Brian Gilmore
March 2004
ATSI’s Legislative Affairs Committee is working diligently to forge a consensus between wireless carriers, telemessaging call centers, and their respective vendors on HIPAA issues. The committee is pursuing a three-part initiative:
- ATSI believes that in many cases the amount and substance of Protected Health Information (PHI) actually transmitted over paging networks is insignificant. To that end, ATSI is actively seeking the cooperation of the paging industry to work directly with the US Department of Health and Human Services (HHS) to educate the agency on this particular issue and solicit specific published guidance from HHS in order to clarify the matter. In a position first articulated by the immediate past chairman of the committee, Gary Pudles of Answernet Network, the committee maintains that HHS should exempt from HIPAA security requirements, wireless text message transmissions by covered entities (CEs) and their business associates (BAs)that contain no substantial PHI. Known in legal terms as a “de minimis exception,” there is already some indication that HHS is thinking along these lines in other matters covered by the HIPAA Security Rule.
- In other cases where substantial PHI must be transmitted wirelessly, there is little doubt expressed by HIPAA experts that PHI should be transmitted securely. The committee accepts this advice and is urging a consensus on methods, procedures, and protocols among interested parties through the Telemessaging Wireless Forum (TWF). The committee is dedicated to finding solutions that require little or no short-term changes in telemessaging software or equipment. Ideally, the committee believes that telemessaging call centers should continue to be able to use their existing TAP dialup modems for the foreseeable future to securely deliver wireless text messages to carrier networks.
- The committee recognizes that no telemessaging system installed or in production today supports the forthcoming security standards consensus. The committee further recognizes that an extraordinary combination of people from multiple industries, in many cases competing industries or at best competitors within specific industries, must work together to achieve even basic security standards for wireless text messages. To this end, the committee suggests the development of an inter-industry RFC (Request For Comments – later to be adopted as a standard) for inexpensive and modular Windows PC Internet gateway software to securely interface TAS systems to wireless text messaging networks.
ATSI has already sought the advice and assistance of the Paging Technical Committee (PTC) and the board of directors of the American Association of Paging Carriers (AAPC) on this issue. They are inviting the close cooperation of all interested parties in the new Telemessaging Wireless Forum.