Best posts made by drewlander

@scottalanmiller said:

@Dashrender said:

let's assume that it's provisionable/provisioned data - so what? I work for the company house/managing/maintaining the data, why can't I access it for the sake of security?

Because it is NOT your data, you DO NOT need it and it is against the law. The security to worry about here is IT getting data it does not have a right to see! The security breach here would be you.

The assumption of geo-security is an idea being pushed by IT, and to be useful would require a lot of HIPAA data that is not yours to use.

LOL! As a doctor, don't pay your hosted EMR bill then try to get YOUR data and see how that goes. I see this happen all the time. Vendors argue they cannot separate the intellectual property from the records without doing a "Conversion", which ends up costing tens of thousands depending on the system. You are basically paying an ETF for your contract because no conversion costs that much money.

This has nothing to do with ProjectSend tho. I do think the IP is good for tracking because it can show a trend or indicate unusual activity. Google does this with gmail and it works pretty well overall. If its required by HIPAA, I dont know. I doubt it specifically says you must tracking logins by IP. Chances are the legalese is much more generic like "The covered entity will make every reasonable effort to ensure only authorized users and or devices may be granted access to PHI" or something.

I dont know much about MS Access but I have tons of experience in SSRS. The way Microsoft expects code in most of their products is based on VB syntax in my experience. I found that in their products you cannot group filters, even in SSRS, so in that case I evaluate multiple conditions in a single expression returning TRUE or FALSE, then set the filter calling the expression to check against the value returned from the expression. So I am not sure what the MS Access equivalent would be without installing MS access, but I would write an expression like this in SSRS as example:

=iif(((Parameters!pShowCurrent.Value
AndAlso Fields!Detail_Age_Days.Value >= 0
AndAlso Fields!Detail_Age_Days.Value <= 30)
OrElse
(Parameters!pShow31to60.Value
AndAlso Fields!Detail_Age_Days.Value > 30
AndAlso Fields!Detail_Age_Days.Value < 61)
OrElse
(Parameters!pShow61to90.Value
AndAlso Fields!Detail_Age_Days.Value > 60
AndAlso Fields!Detail_Age_Days.Value < 91)
OrElse
(Parameters!pShow91to120.Value
AndAlso Fields!Detail_Age_Days.Value > 90
AndAlso Fields!Detail_Age_Days.Value < 121)
OrElse
(Parameters!pShowPlus120.Value
AndAlso Fields!Detail_Age_Days.Value > 120)
) AndAlso (
(Parameters!pResubmitFilter.Value
AndAlso Fields!Detail_Age_Days.Value > Parameters!pResubmitFilter.Value ))
, true, false)

This allows me to group conditions how I would directly in the SQL statement. My filter then would evaluate if the expression is true or false and then filter the results as needed. I know this specifically pertains to SSRS, but I bet MS Access does something similar.

Ill poke around and see if MS Access has a similar way of doing this when I have a chance.

thx
-d

It looks like there is an expression builder for calculated fields MS Access. Maybe that is what you require?

Youtube Video

@scottalanmiller said:

What form does that form take?

There is no mandate to document on paper or electronically; There is only incentive branded as "Meaningful Use". Additionally there is no requirement to transmit that file in either format. Moreover, when a release of records request is made, the office processing the request may charge a reasonable fee to prepare and send those records. That fee is governed by state law where applicable. And to be very clear, a patients records do not belong to the patient whatsoever. A patient is not entitled to scanned copies of everything in their chart. Basically you are entitled to what you already know. Diagnoses, medications and test results.

http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/medicalrecords.html

@scottalanmiller said:

Imaging is not a good way to backup a machine because it assumes you are restoring to the same hardware. What if you need to restore to a different OS version (this could mean nothing more than different patch levels?)

Several times I have found that cloning data to different hardware is a disaster. Usually this occurs when I have different partition sizes because the disks are not an exact match. Windows flips its lid if it doesn't like the partition alignment. Things like disk queue length go down the toilet and I end up having to run a clean install in the end. Also you can end up with different chipset and network card drivers, etc.I think manufacturers started imaging with a "Recovery partition" for this very reason. Of course with Windows 8+ you can Refresh the OS on demand. In a virtualized situation this has never been a problem for me though; Only physical imaging and clones. That is my empirical experience and does not answer any of the questions the OP asked however.

To address the OP's question's:

1. Your software settings are vendor specific. You would have to investigate each software individually.

2. There are a ton of options to inventory software. Ideally you would do this from a central point of management.
   Powershell
   https://gallery.technet.microsoft.com/scriptcenter/Software-Inventory-using-f2870b19

OpenAudIT
https://opmantek.com

3. If you have a donations database, I would first ask what is the RDBMS? If I could utilize some sort of transactional replication then it would happen.

4. Virtualization\Imaging
   If you have an **OEM **license it's against the terms to reuse that license by the MS Licensing terms that I know. If you have a Retail license I dont think there is any issue doing a p2v and re-using the same license to go virtual. (double check with MS on that)

I hope that is what you were asking.

thx
-d

@Dashrender said:

@BRRABill said:

@scottalanmiller said:

but as imaging rights for a full company are only about $120, it doesn't take much IT time saving to justify.

Is that per machine?

This is not the whole picture.

Sure Software Assurance for one workstation is $120, but if you don't have a pre existing VL agreement, it's not just $120 to get into one, or keep it going once you're in.

You have to buy at least 5 Open Value licenses to start a Volume License Agreement. To get into this with the lowest spend that would be 4 Windows Server CALs without Software Assurance ($75/ea) and 1 Workstation Software Assurance license ($120).

So the bare minimum to get started is $420, and this is good for 3 years, then you have to renew, for roughly the same cost.

Also, you can only purchase Workstation SA for computer that you acquired in the last 90 days. So if it's been more than 90 days, you would have to purchase a Workstation upgrade with Software Assurance for $115/yr from CDW or $345 for 3 years, though the renewal will be at the above stated $120 for 3 years.

Actually they have some DVD thing I recall that is less than ten bucks. Ill have to check my VLSC account ;-p. So it would be like 150.

To the best of my knowledge, the Express Editions do not have an Agent. You might also encounter another issue if you rely on report subscriptions.

@scottalanmiller said:

@drewlander said:

@scottalanmiller said:

the same OS

I have no experience with Synology to speak of, but having used QNAP's and owning several Netgear ReadyNAS (2x2100 and 2x3200), I think I lean towards QNAP these days. They are cheap and powerful. Also I hate the ReadyNAS "RaidAR" app for maintaining the devices. Why Netgear couldn't put together a decent Web UI blows my mind. Freakin "Net" is in their feakin name, and they historically have been an electronics company for network devices. Browsers should not be new to them. sigh.

The RAIDar app is just for initial detection. ReadyNAS has always been a web interface to maintain going back a really long time, at least. RAIDar is many years, maybe a decade, more recent than the web interface and even the most current has a web interface. You never need the RAIDar, that's just for non-IT people to set it up if they don't know how to get to a web interface on a system that has not been set up for L3 networking yet. It's definitely web and the same style web interface as their other gear.

I swear I have never seen the webUI, but if it exists I bet it requires an HTTPS prefix that I probably didnt provide. After much thought tho, I bet they did RAIDar for a consolidated nas management application they couldnt pull off with a web browser.

@scottalanmiller
Ill be damned. I just checked and there is a web UI I never saw.

Thanks, Ill have a look. I wonder if they are features I would be concerned over.

@scottalanmiller

I am installing it right now. Ill let you know.

@drewlander said:

I think I started the nethserver install once and got hung up on something or distracted and didnt go back to it. Ill be happy to install it and see how it compares.

Another thing that I was a little put off by with ClearOS is monitoring add-on was not free. Im not sure what they are offering but Nagios Core is freely available.

Some time I will need to put together a real technical analysis of these to break down the pros and cons, because they each have their own benefits and drawbacks.

@scottalanmiller said:

@Dashrender said:

aww.. so SQL has DAGs now too, eh?

Yes, actually SQL is the only thing that has them. AD and Exchange are using SQL under the hood. When they need HA, it is their SQL that primarily needs it. DAG is a SQL thing (AFAIK) and applies equally to all SQL-based products.

Related to SQL but not iSCSI ( and not to hijack this thread ) I upgraded all my servers to MySQL 5.7 this weekend after finding out about the GTID and Channel features for multi-master replication. It works perfectly. This is a huge feature making multi-homed MySQL all-master all-active replication available in a community release. Someone should start a thread on this if there is not one already.

About the iSCSI, I think I recall I saw a similar error once and found out I was doing something wrong. More specifically I didnt have the allowed iscsi initiators set correctly.

thx
-d