On Apr 20, 2009, at 7:08 PM, Robert J. Hansen wrote:

John Clizbe wrote:
Your interests would be best served by a) hiring the services of a
security consultant knowledgeable in the dealings of HIPAA specifically
as it relates to the FDA; b) consulting an attorney knowledgeable in
technology, c) both of the above.

I'll go one step further: asking this query on an internet mailing list
could itself be seen as failure to exercise due care.  You don't know
any of us here and cannot vouch for anyone's legal or technological
acumen. As far as due diligence is concerned, asking here -- instead of
asking lawyers and security consultants -- is pretty much reckless
disregard.

That's a pretty big step there. Asking a user community of GnuPG a question about OpenPGP is not reckless disregard. What you do with the *answer* might be reckless disregard, so John's advice to consult an attorney familiar with the issue is wise.

Asking questions is good. Doing the right thing with the answers is, as always, the responsibility of the questioner.

David


_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to