
Submission: Ask Slashdot: HIPAA Privacy Compliance in the Snowden Age

Motard writes: For much of my career, I've worked in organizations subject to the Health Insurance Portability and Accountability Act. Among other things, HIPAA prescribes government-mandated regulations regarding the security surrounding Protected Health Information, or PHI.

In smaller companies, where I've been able to talk directly to the equivalent of a General Counsel, it has been interpreted as a requirement to employ reasonable measures to protect the information. In larger corporations — especially those that had found themselves entertaining representatives of The Office of The Inspector General — there are generally dedicated Risk Management or Security officers dedicated to eliminating risk — often without regard to practicality (since that isn't their charge).

So I ask this question: When it is demonstrated that a government contractor can flee to Hong Kong with classified secrets from the NSA (of all things), what chance does 'The Main Street Clinic' have of meeting the requisite data security requirements? At what point do we have to throw up our hands exclaiming "If the freaking NSA can't do it, how can we?"