Although this is a slight subject drift, just to make everyone's life slightly more interesting we at University of Washington Medicine (both Medical Centers and Health Sciences) are forcing our digital copier vendor to sign a HIPAA Business Associates agreement. If the unit required service (and show me one of these that don't), the repair person (or remote diagnostic) would have access to the internal hard disk which could contain images of pages holding protected health information. That's a no-no.
It ain't just Postscript device that falls under this edict. It's any digital copier/printer/scanner that has persistent internal storage or is network connected. And for that matter, we're also setting up bridging firewalls on some of the units that contain an actual PC inside to manage the scanning functions, such as the Canon ImageRunner series. cdv ------------------------ Chris DeVoney Clinical Research Center Informatics University of Washington ------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
