Hi Wesley, really was asking if data stored with google was secure from access by google employees or third party or other applications for casual browsing, data mining, etc. Could as well ask if GEA is safe place to store credit card numbers.
We know HIPAA requirements, not a problem for us. What we don't know is google's security and confidentiality of data. thanks, Ralph On Jan 10, 9:10 pm, "Wesley Chun (Google)" <[email protected]> wrote: > greetings! you asked a question that's common but very dependent on > your implementation. App Engine has no specific compliance features, > so it's all up to your implementation. the first thing you need to do > is to separate the patient information and their medical data. if > they're together, then it's very likely that you're not compliant. > > ironically, in one past life, i worked on software for doctors to use > for clinical trials. before the medical data was even imported into > our application, all patient info such as name, DOB, SSN, sex, age, > etc., were masked so that they were not available to the doctors. we > only had patient ID numbers and their data. > > one place you can start out to find out more about compliance > andHIPAArequirements is here: > > http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities > > you may also need to hire a consultancy or company that certifies > compliance. it's probably worthwhile to pursue this before and during > the development process. however, we're not lawyers here so we cannot > give specific advice for your case. > > hope this helps! > -- wesley > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > "Core Python Programming", Prentice Hall, (c)2007,2001 > "Python Fundamentals", Prentice Hall, (c)2009 > http://corepython.com > > wesley.j.chun :: [email protected] > developer relations :: google app engine > > On Jan 7, 11:49 am, G <[email protected]> wrote: > > > My _guess_ is that either could easily run into compliance concerns. > > > Then again, wholesale countrytapping is now the norm, so there is > > precedence... > > > -- > > G > > > RalphWSiegler wrote: > > > would the datastore of the GAE beHIPAAcompliant as to privacy and > > > security of information. > > > > We (my client's IT department) have medical apps to port to cloud > > > architecture but issue of use of public vs. private cloud (Google App > > > engine vs. hosted vmware virtual appliance) hinges on this issue. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
