ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Local Encryption ... Why Not?

    Scheduled Pinned Locked Moved IT Discussion
    357 Posts 15 Posters 190.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • BRRABillB
      BRRABill @scottalanmiller
      last edited by

      @scottalanmiller said:

      That's possibly true. Although I know from this past week of nurses violating HIPAA left and right telling patients in facilities about other patients in the same facility.

      In 2015 that is just ridiculous.

      scottalanmillerS 1 Reply Last reply Reply Quote 0
      • BRRABillB
        BRRABill @scottalanmiller
        last edited by

        @BRRABill said:

        Look at his. Puch.

        That was SUPPOSED to say.

        Look at this. OUCH.

        1 Reply Last reply Reply Quote 0
        • BRRABillB
          BRRABill @scottalanmiller
          last edited by

          @scottalanmiller said:

          We are talking about an employee who has legitimate access to data to do their job and decides to take that data out of your systems and steal it. There is no technical means of preventing this, this is data that the end user was allowed to have and decided to steal. There is nothing to investigate except for the end user.

          It is YOUR data that was used improperly. It is a breach and has to be reported.

          If YOU did everything you were supposed to, you will be fine.

          But it is still a loss of your data.

          scottalanmillerS 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @BRRABill
            last edited by

            @BRRABill said:

            @scottalanmiller said:

            That's possibly true. Although I know from this past week of nurses violating HIPAA left and right telling patients in facilities about other patients in the same facility.

            In 2015 that is just ridiculous.

            I've seen just about zero change of behaviour in medical professionals after HIPAA. Data is just disclosed left and right.

            I wonder if you have to disclose breaches when you have nurses who just openly talk about patients. Do they classify that as just one breach at a time so tons and tons of one record breaches? Or is that one nurse (and it was many) accountable for the cumulative exposure of more than 500 over time? How close in chronological time do exposures have to be to be constituted a breach?

            1 Reply Last reply Reply Quote 1
            • scottalanmillerS
              scottalanmiller @BRRABill
              last edited by

              @BRRABill said:

              @scottalanmiller said:

              We are talking about an employee who has legitimate access to data to do their job and decides to take that data out of your systems and steal it. There is no technical means of preventing this, this is data that the end user was allowed to have and decided to steal. There is nothing to investigate except for the end user.

              It is YOUR data that was used improperly. It is a breach and has to be reported.

              If YOU did everything you were supposed to, you will be fine.

              But it is still a loss of your data.

              Sure, has to be reported. Has to be investigated. No question there. Just saying, if the breach happened outside of the IT systems IT doesn't even need to be investigated as the data was outside of controls when it happened.

              1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller
                last edited by

                I know that just last year Baylor hospital system was using HIPAA violations to pull medical records to use in attempts to extort money from family members of patients in Texas.

                BRRABillB 1 Reply Last reply Reply Quote 0
                • BRRABillB
                  BRRABill @scottalanmiller
                  last edited by

                  @scottalanmiller said:

                  I know that just last year Baylor hospital system was using HIPAA violations to pull medical records to use in attempts to extort money from family members of patients in Texas.

                  I mean, that is the reasoning behind it.

                  Or to prevent a corporation from mining the patient data for profit.

                  The joke it has evolved into is ridiculous.

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @BRRABill
                    last edited by

                    @BRRABill said:

                    @scottalanmiller said:

                    I know that just last year Baylor hospital system was using HIPAA violations to pull medical records to use in attempts to extort money from family members of patients in Texas.

                    I mean, that is the reasoning behind it.

                    Or to prevent a corporation from mining the patient data for profit.

                    The joke it has evolved into is ridiculous.

                    Yup, and mining for profit is what they were doing there. And because there isn't public, mass breach but just individuals being extorted there is no way to get HIPAA involved by the public who are being extorted.

                    1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller
                      last edited by

                      This thread shot to the top of the most popular charts pretty quickly!

                      BRRABillB 1 Reply Last reply Reply Quote 1
                      • BRRABillB
                        BRRABill @scottalanmiller
                        last edited by

                        @scottalanmiller said:

                        This thread shot to the top of the most popular charts pretty quickly!

                        And it's not even really done yet.

                        Though to be fair, it kind of delved out into the HIPAA landscape, which was inevitable but not necessarily desirable.

                        1 Reply Last reply Reply Quote 1
                        • scottalanmillerS
                          scottalanmiller
                          last edited by

                          Yes, the original question was more generic. HIPAA has much better reasons to look at general encryption.

                          1 Reply Last reply Reply Quote 0
                          • dafyreD
                            dafyre
                            last edited by

                            Most topics here tend to branch out... sometimes not too far out (like this one)... and other times, they branch out into left field in somebody else's baseball park, lol.

                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @dafyre
                              last edited by

                              @dafyre said:

                              Most topics tend to branch out...

                              FTFY. It is the nature of conversations. Go to the diner with friends, sit around having coffee for a few hours and a topic that starts things, like the weather or the nature of freedom or do we really exists at all will lead from one topic into another and take tangents and sometimes return and sometimes not. Conversations naturally go in all different directions.

                              That it happens here too is both just organic and it is an intrinsic nature of a community and discussion forum rather than being a Q&A forum a la StackOverflow.

                              BRRABillB 1 Reply Last reply Reply Quote 1
                              • BRRABillB
                                BRRABill @scottalanmiller
                                last edited by

                                @scottalanmiller said:

                                FTFY. It is the nature of conversations. Go to the diner with friends, sit around having coffee for a few hours and a topic that starts things, like the weather or the nature of freedom or do we really exists at all will lead from one topic into another and take tangents and sometimes return and sometimes not. Conversations naturally go in all different directions.

                                That it happens here too is both just organic and it is an intrinsic nature of a community and discussion forum rather than being a Q&A forum a la StackOverflow.

                                Are you purposely trying to branch this out into a THIRD discussion? 😉

                                1 Reply Last reply Reply Quote 1
                                • scottalanmillerS
                                  scottalanmiller
                                  last edited by

                                  It just happens organically.

                                  1 Reply Last reply Reply Quote 1
                                  • BRRABillB
                                    BRRABill
                                    last edited by

                                    @scottalanmiller

                                    So bringing this offshoot back here.

                                    I think I now understand you are talking about, if it makes sense, to store all the data in the cloud, and work on none of it locally.

                                    However, is there is a need to produce something locally, it might be needed to bring it down, and hence you would need to secure it in whatever way deemed necessary.

                                    For example, doing a postal mailing from a list of PHI from a medical client.

                                    dafyreD scottalanmillerS 2 Replies Last reply Reply Quote 0
                                    • dafyreD
                                      dafyre @BRRABill
                                      last edited by

                                      @BRRABill said:

                                      @scottalanmiller

                                      So bringing this offshoot back here.

                                      I think I now understand you are talking about, if it makes sense, to store all the data in the cloud, and work on none of it locally.

                                      However, is there is a need to produce something locally, it might be needed to bring it down, and hence you would need to secure it in whatever way deemed necessary.

                                      Right. And then upload it back to your non-local storage after you have finished working with it.

                                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @BRRABill
                                        last edited by

                                        @BRRABill said:

                                        @scottalanmiller

                                        So bringing this offshoot back here.

                                        I think I now understand you are talking about, if it makes sense, to store all the data in the cloud, and work on none of it locally.

                                        However, is there is a need to produce something locally, it might be needed to bring it down, and hence you would need to secure it in whatever way deemed necessary.

                                        For example, doing a postal mailing from a list of PHI from a medical client.

                                        Any reason that you would want to do the printing with data locally on the end client rather than directly from the SaaS application?

                                        1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller
                                          last edited by

                                          If you are using the online version of MS Office, you don't need to pull data down locally to print. So if you were to send me an Excel spreadsheet to print, it would open directly from OWA to Hosted Excel. Then when I tell it to print, it would do it from there. No need for local data for that kind of task, for example.

                                          BRRABillB 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @dafyre
                                            last edited by

                                            @dafyre said:

                                            @BRRABill said:

                                            @scottalanmiller

                                            So bringing this offshoot back here.

                                            I think I now understand you are talking about, if it makes sense, to store all the data in the cloud, and work on none of it locally.

                                            However, is there is a need to produce something locally, it might be needed to bring it down, and hence you would need to secure it in whatever way deemed necessary.

                                            Right. And then upload it back to your non-local storage after you have finished working with it.

                                            Yup. Hard to come up with real world cases where this would be necessary, though. You have to come up with stuff like "local video editing" where you are using a laptop instead of a workstation and can't do it on a hosted SaaS application. These cases exist, but they are very rare and specialty today.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 10
                                            • 11
                                            • 12
                                            • 13
                                            • 14
                                            • 17
                                            • 18
                                            • 12 / 18
                                            • First post
                                              Last post