Encryption on portable devices is recommended to our clients whenever there is confidential or proprietary information on them, or when they are clients to a more robust VPN solution.
The device can't be HIPAA compliant! It's the user or organization that needs to operate the device in such a way as to remain HIPAA compliant. Strong telecommuting policies are also dictated whenever critical or sensitive information is ported on PDAs and laptops. That's industry best practice....nothing special to HIPAA. William H. Dobson, Jr, CISSP Federal Business Development Information Assurance Assessments Trustwave Corporation, Annapolis, MD Office 410-573-6910 x 2622 Cell 301-655-8548 Fax 410-571-8493 -----Original Message----- From: Jeff Carswell [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 24, 2002 9:20 PM To: '[EMAIL PROTECTED]' Subject: Laptop Security Compliance Recently our company was visited by a vendor selling a Palm based EMR solution and they made the statement, "Under HIPAA there is no way to make a laptop compliant if it is being used out in the field". Can this really be true?? If anyone has additional info or links to regs that speak directly to this issue it would be greatly appreciated. Thanks. Jeff Carswell Vice President, Corporate Development Affiliated Sante Group ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy and enter your email address. ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy and enter your email address.
