Microsoft technologies. By default, non-HIPAA compliant?

From: Anything But Microsoft (abm_at_anythingbutmicrosoft.org)
Date: 06/30/04

  • Next message: Defakto: "Re: Java applet crashing with native assertion" 
    Date: Tue, 29 Jun 2004 22:43:19 -0400
To: <@securityfocus.com BUGTRAQ <BUGTRAQ@SECURITYFOCUS.COM>

    The US health care system is the only industry where best network and
    security practices are a federally mandated requirement.
     
    In light of last weeks MS vulnerabilities with no known patches or
    usable work around (text only mode in a browser, or security settings
    that disable most usage, is not a suitable work around) I have a
    question for everyone here with an answer for interpretation.
     
    Are Microsoft technologies by default non-HIPAA compliant in regards to
    protecting confidential patient information? If you are a health care
    provider and use any Microsoft technology where alternatives exist, such
    as for e-mail and web usage, is that exposing your PC/network to
    unnecessary risks? (Thereby violating the spirit of HIPAA?)
     
    When security experts en-mass suggest you find alternatives to IE, and
    you as an information technology services provider to the health care
    industry do not provide these Microsoft alternatives, are you not
    providing HIPAA compliant services?
     
    My view is that any health care provider using replaceable Microsoft
    technologies is not HIPAA compliant, in regards to privacy or security
    of patient data.
     
    Your thoughts and comments?
     
    <duck and cover...>
     
     

  • Next message: Defakto: "Re: Java applet crashing with native assertion"

    Relevant Pages

    • RE: Microsoft technologies. By default, non-HIPAA compliant?
      ... > security practices are a federally mandated requirement. ... I work in the banking industry and we are federally regulated and audited for security. ... > My view is that any health care provider using replaceable Microsoft ...
      (Bugtraq)
    • RE: Quebec Health Care Virus
      ... Subject: Quebec Health Care Virus ... This is more an indictment of the Quebec health care system ... that these versions of Windows are still in use even after their ... platform that has 5-20 serious security patches per month released, ...
      (comp.os.vms)
    • Re: Baucus Gangs Proposed Plan Short On Care
      ... When the Social Security system was created, because they had their own funding source, you know if it is able to pay for what it promised to pay. ... when Ron Wyden talks about health care ... of insurance plans. ...
      (soc.retirement)
    • Re: Quebec Health Care Virus
      ... The problem is that it's a rare politician who looks past ... Subject: Quebec Health Care Virus ... Windows, but if the upfront cost is too high, it doesn't make ... platform that has 5-20 serious security patches per month released, ...
      (comp.os.vms)
    • RE: Quebec Health Care Virus
      ... Subject: Quebec Health Care Virus ... decision making. ... higher up-front costs. ... health care issues and many other issues where serious security issues ...
      (comp.os.vms)