>It's something that's come up a time or two here. In our office, we don't do
>much with it, but the med school certainly is wigged about it. From what
>I've gleaned from the discussions, I would be concerned about the commercial
>hosting.
>
>Who has access to their servers? What policies do they have in place to
>evaluate who has access? What policies do they have about what those people
>with access are allowed to do? What is their backup methodology? Where are
>the backups stored? Who has access to those? It's a mess.
>
>-Kevin
>
>
>----- Original Message -----
>From: "dana tierney" <[EMAIL PROTECTED]>
>To: "CF-Community" <[EMAIL PROTECTED]>
>Sent: Thursday, February 19, 2004 12:58 PM
>Subject: HIPAA, arrrggggh
>
>
>> ok we are having a huge flap over HIPAA compliance, has anyone here
>previously researched this topic?
>>
>> My burning question: If I have patient data in a SQL or mySQL database on
>a commercial host, is this adequate security for HIPAA purposes?
>Authentication is required for the hosting account and for the database
>itself.
>>
>> Anyone have any resources on this?
>>
>> Thanks
>> Dana
>>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
