On Thu, 26 Mar 2009 at 10:42am, Robert G. Brown wrote
On Thu, 26 Mar 2009, Leif Nixon wrote:
As in health-care. Which is why you get hospitals with Conficker/Downadup running rampant through medical equipment with embedded Windows systems. Basically, you're not allowed to patch them without FDA approval. That's scary.Um, I don't believe that this is the case, and I say this as a semi-pro consultant in health care. Most hospitals probably do something along these lines as part of the standard CYA, but the regulations, especially HIPAA, are "due diligence" recommendations with an amazing {\em lack} of specification. You can pretty much do whatever you like, but heaven help you if you drop your patients' data or violate their confidentiality. At the very least you'd better be able to show that you tried hard to keep things secure...
Note that Leif mentioned medical equipment with embedded Windows systems. And he's right -- you're not allowed to touch the software build on those without getting the new build approved by the FDA (at least, not if you want to use said equipment on real live patients). And those machines are generally networked so that the data (images, e.g.) can be uploaded. It is very, very scary. Why anyone ever made the decision to run medical equipment on Windows (over the screams of the engineering team) is utterly beyond me.
-- Joshua Baker-LePain QB3 Shared Cluster Sysadmin UCSF _______________________________________________ Beowulf mailing list, [email protected] To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
