Re: Security Policy - HIPAA Guidelines Template Format (1)

From: Whoha (whoha@umich.edu)
Date: 02/20/03

  • Next message: Freddy Söderlund: "Real-life problem: Installing applications onto workstations in a domain without giving users admin access"
    From: whoha@umich.edu (Whoha)
    Date: 20 Feb 2003 09:16:15 -0800
    
    

    John Thompson <john@starfleet.thompson.us> wrote in message news:<slrnb3tib6.hqp.john@starfleet.thompson.us>...
    > In article <Bfx%9.688$1r4.53278@news.uswest.net>, snow@ntcity.com wrote:
    >
    > > An easy to use document that comes in word format as well as a
    > > publishable pdf format.
    >
    > On the topic of HIPAA... has anyone else had concerns regarding HIPAA
    > compliance when using Microsoft software? The new Microsoft EULAs, which
    > you *MUST* accept to use the software, make you agree to allowing
    > Microsoft access to your machines for updates, license verification, etc.
    > This strikes me as being in violation of HIPAA requiements to restrict
    > access to only authorized personnel.
    >
    > It will be interesting to see how this shakes out...

     The vendor portion of the HIPAA has provisions for vendors to sign
    privacy agreements. This will cover this type of requirement, BUT is
    the transfer of data done in a secure fashion, can they gain access to
    PNI info, and do we want them to do this in the first place?



    Relevant Pages

    • Re: Security Policy - HIPAA Guidelines Template Format (1)
      ... > publishable pdf format. ... On the topic of HIPAA... ... compliance when using Microsoft software? ... Microsoft access to your machines for updates, license verification, etc. ...
      (comp.os.ms-windows.nt.admin.security)
    • RE: Microsoft technologies. By default, non-HIPAA compliant?
      ... In support of the claim that Microsoft is not HIPAA compliant, show me ANY Microsoft machine that actually does Healthcare and show me that I cannot recreate a patient from data stored on the computer in cache or other areas. ... The machine does NOT have to be connected to anything in order to automatically violate the HIPAA mandate that patient data is secure and that a patient record of other information available on the system can reconstruct a patient record. ... If you are a health care ...
      (Bugtraq)
    • RE: Microsoft technologies. By default, non-HIPAA compliant?
      ... HIPAA compliant if you use Microsoft products is clearly wrong. ... > security practices are a federally mandated requirement. ...
      (Bugtraq)
    • Re: sp3 and HIPAA
      ... > Windows 2000 and HIPAA compliance came up, the Microsoft ... > employee stated that the service pack is compliant. ...
      (microsoft.public.win2000.security)
    • Re: Security Policy - HIPPA Guidelines Template Format - 06
      ... DO YOU EVEN READ REPLYS TO YOU SPAM? ... what does HIPPA stand for? ... shurly you don't mean HIPAA, ... > An easy to use document that comes in word format as well as a publishable pdf format. ...
      (comp.security.misc)