HIPAA does provide detail for securing non-electronic transmission of Personal information. Basically -- it has to be sealed and trackable (Rewgistered mail, UPS, FedEx, etc.)
There is information and instruction available at http://www.hipaa.org and http://www.ahima.org. AHIMA also provides a series of online classes for $1100 which provide a form of individual IT HIPAA accreditation. -Patrick R. Sweeney http://boston.craigslist.org/bos/res/8484283.html ----- Original Message ----- From: "Chris Scharff" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Tuesday, February 25, 2003 7:09 PM Subject: Re: Exchange server level encryption-OT > Not an expert on the science behind this essay > http://tnr.com/docprint.mhtml?i=20030224&s=easterbrook022403, but the idea > of needing to use nuclear power plants to product the levels of hydrogen > needed for 'clean fuel cells' seems to make the "water is the only > byproduct" argument a bit disingenuous. Course as I said, I'm not an expert > on the subject so I'm certainly open to knowing where the levels of hydrogen > needed for such a thing would come from. > > Perhaps instead of replacing HIPPA, those companies subject to its > regulations need to rethink how and why patient data would need to leave > their environment and design secure systems (which e-mail aint) to > facilitate that transmittal. Course the reality is companies aren't really > interested in protecting patient data, just in being compliant with the > various regulatory agencies which govern them. So, following the cheapest > route to compliance they encounter the reality that cheap aint easy. > > On 2/25/03 16:06, "Christopher Hummert" <[EMAIL PROTECTED]> wrote: > > > > Ok I knew I shouldn't have used that example, cause I knew somewhere we > were going to get into a debate about it. In addition I should have said > Hydrogen Fuel Cells which is what I was thinking of when I made the > statement. As far as the pollution: > > Fuel cells efficiently convert hydrogen fuel and oxygen from the air > into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit > only water vapor from their exhaust pipes. Demonstrations of HFCEVs have > been successful and this technology is expected to displace internal > combustion engines in the 21st Century. > > Which I got from pretty much the first thing I could google up here: > http://www.hydrogencomponents.com/altfuel.html > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Mellott, Bill > Sent: Tuesday, February 25, 2003 2:02 PM > To: Exchange Discussions > Subject: RE: Exchange server level encryption-OT > > > Chris Im curious how do you figure this statement? Next thing you'll > drag in Hybrids ... > > "It's the same problem you have with cars > today. Gasoline engines produce pollution, so to change this we could > move to hydrogen engines which are pollution free. But the > infrastructure isn't there." > > While I agree hydrogen engines maybe more friendly...they do produce > pollution AND the infrastructure you correctly point out which is not > there really WILL in fact produce pollution to make the pieces/stuff > required for the "cleaner part". > > Let me ask this..IF say you put a refrigerator in a "sealed" > room...plug it in...leave the Fridge door open....what happens in the > room? > > there no free lunch...just more healthy... > ;-) > > bill > > > -----Original Message----- > From: Christopher Hummert [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 25, 2003 4:42 PM > To: Exchange Discussions > Subject: RE: Exchange server level encryption > > > Except that none of our clients have heard about PGP. That's one of the > problems with HIPPA, the solutions they want don't exist for a device > that was developed back in the 60's (I think I got the time right, I'm > not going to check though). It's the same problem you have with cars > today. Gasoline engines produce pollution, so to change this we could > move to hydrogen engines which are pollution free. But the > infrastructure isn't there. Same thing with e-mail and encryption. > That's one of the reasons HIPPA deadlines keeps getting pushed back. > > Then with a solution like PGP you have to teach the users how to use it. > That's a nightmare that I don't ever want to repeat again. Hell half of > the users I taught have a hard time figuring out what the "start button" > is, and it's right there in front of their face. > > The big problem with HIPPA was that it was designed by bureaucrats (who > BTW were probably the same users that have a hard time with the start > button thing) that wanted to do something to protect the people that > vote for them. Except there wasn't a major problem to begin with. Sure > there were a few slight mishaps here and there, but the industry was > doing a fine job of learning from those mistakes and creating new > solutions to prevent those from happening again. > > In addition to the design problems with HIPPA, you have the fact that > it's become so bloated that no one knows exactly what it is or what you > need to do. While you run into some so called "HIPPA expert" that says > you need to do one thing, you can always find another that says you > don't need to do that. > > Flat out HIPPA needs to go, and be replaced by something that's a little > more well thought out. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Erik Sojka > Sent: Tuesday, February 25, 2003 1:25 PM > To: Exchange Discussions > Subject: RE: Exchange server level encryption > > > Yup. But PGP is one of the most widely deployed encryption packages and > has software for various client and server packages. > > > > -----Original Message----- > > From: Erick Thompson [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, February 25, 2003 4:19 PM > > To: Exchange Discussions > > Subject: Re: Exchange server level encryption > > > > > > Doesn't PGP suffer from the same problem, where the recipients need to > > > have a PGP key set up? > > > > Erick > > > > ----- Original Message ----- > > From: "Ken Cornetet" <[EMAIL PROTECTED]> > > To: "Exchange Discussions" <[EMAIL PROTECTED]> > > Sent: Tuesday, February 25, 2003 12:38 PM > > Subject: RE: Exchange server level encryption > > > > > > I'll assume you are talking about SMIME encryption here. What you want > > > to do is not possible in the general sense. You need the recipient's > > public key in order to encrypt their mail. You would have to have a > > predefined list of all possible recipients and their public keys. Even > > > if you had this list, I know of no products that implement this (but > > then again, I've never looked) > > > > You could probably rig something up using PGP on a unix box as an > > outbound gateway. But then all your recipients would need PGP to read > > the mail. > > > > -----Original Message----- > > From: Hutchins, Mike [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, February 25, 2003 3:25 PM > > To: Exchange Discussions > > Subject: Exchange server level encryption > > > > > > Ok, my eyes are going crossed. > > I have been trying to figure out a decent way to encrypt all outbound > > email from our company. This is for compliance with HIPAA. Does anyone > > > happen to have any ideas? > > > > I have googled and haven't found a product that looks right. I have > > searched for "exchange 2000 encryption", "email encryption", etc. > > Help? > > > > TIA > > > > Mike > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
