

Ask HN: HIPAA compliant version of Wufoo? - qeorge

We love Wufoo, but we need a HIPAA compliant version. Does anyone know of such a product?<p>(If not its a good niche. Consider sign-up forms for doctors offices, dentists, sleep centers, etc..)
======
tirrellp
I explored this idea for some time.

Basically, if I wanted to put together a 'Wufoo for the Medical Field' the
easiest way to get around the HIPAA compliance is to use the Google Health
model. Essentially your 'Primary Relationship' would be with the user, not the
HealthCare provider as a vault for them to store their stuff and 'authorize a
data push' to the healthcare provider on an ad-hoc basis.

The largest roadblock to an idea like this is that the healthcare industry is
decidedly anti-innovation. Not on purpose, its just how the economics work.
Industry consultants and solution providers have been trying to get e-health
going for a LONG time, and only now are we seeing things like doctors carrying
around ipads.

Integrating with healthcare systems involves either integrating with the large
integrators, who dont have an api and who arent in the business of opening up
hooks for data pushes (Unless their customer says they want to do it) for
potential competitors OR hanging out with the small 1 doctor office medical
practitioners who most likely dont understand their technology and don't
understand why they need to move things online and 'into the cloud.'

I reached out to the drchrono guys to try to get access to their api so that I
could build a proof of concept for this and do an end run around the
established tech providers, but I never heard back from them. Their API has
been 'coming soon' for a long time.

If you decide you want to store information on behalf of the HealthCare
provider, then you have to be HIPAA compliant and then getting something like
this off the ground becomes an order of magnitude more difficult. I looked at
the process/paperwork for becoming HIPAA compliant, and it doesnt look that
difficult, but it does look like something designed to keep small guys from
entering the field.

Sorry for the ramble. Hope it helped.

------
tylerrobb
My mother runs a dental practice and I was just looking into Wufoo for her new
patient registration, medical history, and consent forms. After some searching
around a bit, I came across several examples of what I'm after but I'm not so
sure of the legality.

<https://hdp.wufoo.com/forms/p7x3x5/>

<https://dentists4kids.wufoo.com/forms/s7p7r3/>

[http://drbobporter.wufoo.com/forms/hipaa-and-consultation-
pa...](http://drbobporter.wufoo.com/forms/hipaa-and-consultation-packet-
review/)

<https://dentalbliss.wufoo.com/forms/p7x3a1/>

Because I'm just now getting plugged into the healthcare sector, what is
allowed and what isn't in regards to data on 3rd party websites? How do
digital signature work? Is there a central place I could go to learn?

Because my mother's practice has always been pen and paper for the past 25
years, they haven't even started looking into digital options. Now that we
are, I need make sure that everything is legal since the practice means
everything to her.

Thanks for any insight and guidance! This post is exactly what I was looking
for.

