Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×

Submission + - Ask Slashdot: HIPAA Privacy Compliance in the Snowden Age

Motard writes: For much of my career, I've worked in organizations subject to the Health Insurance Portability and Accountability Act. Among other things, HIPAA prescribes government-mandated regulations regarding the security surrounding Protected Health Information, or PHI.

In smaller companies, where I've been able to talk directly to the equivalent of a General Counsel, it has been interpreted as a requirement to employ reasonable measures to protect the information. In larger corporations — especially those that had found themselves entertaining representatives of The Office of The Inspector General — there are generally dedicated Risk Management or Security officers dedicated to eliminating risk — often without regard to practicality (since that isn't their charge).

So I ask this question: When it is demonstrated that a government contractor can flee to Hong Kong with classified secrets from the NSA (of all things), what chance does 'The Main Street Clinic' have of meeting the requisite data security requirements? At what point to we have to throw up our hands exclaiming "If the freaking NSA can't do it, how can we?"
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Ask Slashdot: HIPAA Privacy Compliance in the Snowden Age

Comments Filter:

It is impossible to travel faster than light, and certainly not desirable, as one's hat keeps blowing off. -- Woody Allen

Working...