"the first step in gaining complete control over the device." The first step in gaining complete control over the device . . . (?!) Am I the only person who finds it strange that we don't have complete control over devices we purchase by default? I mean . . . I know, I know, and I know. But still--all of this back and forth effort just seems retarded. Surely there is a better way to do this.

http://www.ultimaaiera.com/ultima6/ultima-6-project-archon/

We don't intercept that communication, we are a life insurance company who have records of peoples EPHI. The only way we'd ever see EPHI through outgoing mail is if someone were committing a violation anyway. HIPAA affects everyone, company wide. There is no special license for IT, we are just bound by HIPAA. We work at the company so we are going to see SSNs and EPHI in the course of our daily work anyway. The entire idea of anyone being mad that IT saw their info is ludicrous considering we are the ones that maintain the information systems that house the data. I mean, get real.