@Dashrender said in Damaged/Lost Iphone in default setup - HIPAA secure?:

@scottalanmiller said in Damaged/Lost Iphone in default setup - HIPAA secure?:

If the question is "Can Israeli quasi-government hacking agencies get your data if necessary", then no. But it was never secure at all.

LOL - Not sure where the Israeli quasi thing came from - but thanks for the laugh.

The world's most advanced hacking toolsets are made by arm's length government contractors in Israel. That's where that tech is currently made pretty much regardless of which governments are using it.

@pete-s said in Is XYZ considered secure?:

But if compliance is required, don't you have to abide and make decision based on both real security as well as compliance?

Nothing makes you abide by good security other than the risk of being sued over it. So no, you don't have to abide by both. Is it best to, sure of course, if you value you company.

http://www.tomshardware.com/news/facebook-match-patient-data-profiles,36839.html#xtor=RSS-181

0_1505718013007_IMG_7679.JPG

Where will his EHR be hosted? Local or cloud?

I would say it can be done a good bit cheaper that $80k,.. I mean wow. I know NTG could spec it out less.

So much of HIPPA is simple common sense with no all users seem to understand. You don'[t keep patient data on the local computer.
IIRC - Bitlocker isn't 'approved' for drive security - Vera Crypt I know isn't. But if you do an RDS session to the server - keeping all the data on the server, you may be fine with that. Keeping everything off the local prevents multiple failure points.

@BRRABill said in Comparing Fax and Email Security:

@scottalanmiller said in Comparing Fax and Email Security:

@BRRABill said in Comparing Fax and Email Security:

P.S. Are you getting paid by some strange company to use the word "corruption" this week?

Calling it as it is. The world is a very corrupt place and most of it happens because society conditions us to feel like it is acceptable.

And there it is ... AGAIN! 🙂

Society hasn't changed, it's just how it is.

@Dashrender said in O365 and encrypted mail to other email systems:

I don't look at it as bleakly as you do. You in no way told the receiver they couldn't receive it, you told them they have to use a different method to receive it. Is it a good experience - I'm not going to argue that point, frankly I don't care as long as it works.

But you did... you sent them an email and the email didn't include the payload, it told you to go look in another system for the payload that didn't arrive (the princess is in another castle.) Why did you need the email if email isn't delivering the message? It's obviously similar to failure... two systems are being used for a single thing. All they want is the payload, not a message telling them about a payload elsewhere.

@thecreativeone91 said:

Seems appropriate

Youtube Video

Looks like a lot of fun!