Get started Bring yourself up to speed with our introductory content.

HIPAA security and Lotus Notes Domino

Learn about the HIPAA healthcare laws and how their changing will affect your Lotus Notes Domino security.

Back in June 2003, I wrote a series of articles about the federal HIPAA healthcare law and its effect on computer security. I explained the overall facts about this wide-ranging law, the changes it would mandate for many computer systems and detailed how Domino/Notes might be configured for those changes. I was proud of myself for being ahead of the curve, since the deadline for these changes was not until April 2005. I thought the summer of '03 was the perfect time to begin HIPAA security projects, with the implementation date about two years away. I began to offer a consulting service to advise clients about the HIPAA security regulations and help them meet the requirements.

The reaction to my articles was silence. No one applauded me for letting him or her know about the upcoming changes in such a timely manner. No one called to hire me for a HIPAA security audit. Even some of my ongoing Notes/Domino customers in the healthcare business did not seem interested in these HIPAA rules. So, I thought, "Oh well, nice try. I'm still making a good living with my other consulting work. No harm, no foul."

Then December '04 arrived. Data security and compliance officers in the healthcare world took a look at their projects for the next year and saw the looming HIPAA security deadline. I began to receive a lot of phone calls and e-mail about a topic I had more or less forgotten about. I now have a healthy business outlook for HIPAA projects.

In retrospect, I was unrealistic initially. The general HIPAA law calls for four or five large changes to healthcare practice in the U.S., and computer security is just one of those changes. Also, all the other parts of the law had earlier deadlines, which were occupying everyone's attention. With those deadlines past, compliance officers were able to look at the next piece of the puzzle.

So, here is my advice for the New Year… If your organization is involved with the healthcare business in any way -- including billing, data storage, consulting and software development -- now is really the time to get moving. The deadline for implementation of the HIPAA security rules is April 20 this year.

Here are the articles I wrote about HIPAA, which still apply:

And, some other useful links:

Chuck Connell is president of CHC-3 Consulting, which helps organizations with all aspects of Domino and Notes. Chuck also offers HIPAA computer security consulting via

Do you have comments on this tip? Let us know.

Please let others know how useful it is via the rating scale below. Do you have a useful Notes/Domino tip or code to share? Submit it to our monthly tip contest and you could win a prize and a spot in our Hall of Fame.

Dig Deeper on Lotus Notes Domino Security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.




  • iSeries tutorials's tutorials provide in-depth information on the iSeries. Our iSeries tutorials address areas you need to know about...

  • V6R1 upgrade planning checklist

    When upgrading to V6R1, make sure your software will be supported, your programs will function and the correct PTFs have been ...

  • Connecting multiple iSeries systems through DDM

    Working with databases over multiple iSeries systems can be simple when remotely connecting logical partitions with distributed ...