Networker
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Networker] Encryption options other use with Networker

2010-04-03 09:04:50
Subject: Re: [Networker] Encryption options other use with Networker
From: "Macina, Conrad" <Conrad.Macina AT PFIZER DOT COM>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Sat, 3 Apr 2010 09:01:30 -0400 
The Web site is a tad confusing for non-bureaucrats, but I searched for
"encrypt" in what I believe to be the full HIPAA regulations. I found
several hits, all referring to "unencrypted e-mail" between doctor and
patient.

Conrad



-----Original Message-----
From: STANLEY R. HORWITZ [mailto:stan AT temple DOT edu] 
Sent: Saturday, April 03, 2010 8:43 AM
To: EMC NetWorker discussion; Macina, Conrad
Subject: Re: [Networker] Encryption options other use with Networker

On Apr 3, 2010, at 8:20 AM, Conrad Macina wrote:

> As I understand it, HIPAA/HITECH does not explicitly require
encryption of
> media sent off-site. It requires that measures be taken to prevent
loss and
> states disclosure requirements should a breach occur. It does not
specify
> what measures are considered sufficient.
> 
> Your company's attorneys should be able to interpret the law, and
someone
> should determine what other companies in your industry are doing. It
may be
> that you don't have to encrypt at all; "Chain of Control" -- meaning
bonded
> couriers, secure transit and bonded storage facilities -- may be
sufficient.
> 
> DISCLAIMER: I am not an attorney. My entire legal training consists of
a
> single (unsuccessful) attempt to fight a traffic ticket. Do not try
this at
> home; consult a professional. 

I share Conrad's disclaimer, but just out of curiosity, I downloaded the
entire American Restoration and Recovery Act, which is where the HITECH
act appears. The link to a PDF of that act is 
http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=111_cong_bills
&docid=f:h1enr.pdf

If you download that PDF and bring into your favorite PDF viewer, then
search for the word "encrypt" you will get zero hits.

As Conrad said, this is really a question for legal counsel. I also
didn't bother doing the same search on the HIPAA regulations, but anyone
else who is curious is welcome to do so.

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Networker] Encryption options other use with Networker, STANLEY R. HORWITZ
Next by Date:  Re: [Networker] Encryption options other use with Networker, David Magda
Previous by Thread:  Re: [Networker] Encryption options other use with Networker, STANLEY R. HORWITZ
Next by Thread:  [Networker] Legato 7.4 on SunSolaris, faridzal
Indexes:  [Date] [Thread] [Top] [All Lists]