SOx is mostly financial, yes. Basically just making sure systems, applications, and processes that surround financial transactions have proper controls, are updated regularly, patched, etc. Also brings in Change Management to make sure all changes to production systems are documented and have a defined process surrounding them.
Has nothing to do with people, though. I'm loving my UP band, BTW. My wife and I each have one and share our sleep and activity data with each other. I never knew you could compete with someone on how well you sleep, but we do, and it is actually kind of fun to do. On Wed, Apr 17, 2013 at 6:23 PM, LRS Scout <lrssc...@gmail.com> wrote: > > Sarbonnes oxley is financial only? > > Man its been so long since I cared about this stuff. > > My recall has gone to shit. > > Maybe I should try this personally, I don't think I'd want to work for > someone doing this. > On Apr 17, 2013 7:20 PM, "LRS Scout" <lrssc...@gmail.com> wrote: > > > Aren't there also some hefty db requirements for this kind of pii? > > > > Encryption and stuff. > > > > I can't remember the name of the bill a while back, only applied to > > publicly traded companies I think. > > On Apr 17, 2013 7:17 PM, "Judah McAuley" <ju...@wiredotter.com> wrote: > > > >> > >> One thing to remember is that this is a pretty badly hacked article :) > >> > >> The key thing about HIPAA is that it regulates people who gather your > data > >> and what they can do with it without your permission. It is > fundamentally > >> your data (in a healthcare context) and you are supposed to be in charge > >> of > >> who gets to see it/use it and for what. So if you are opting in to a > >> program and providing data that you are actively sharing and understand > >> how > >> and why it is being used, that alleviates most of the privacy concerns > (on > >> an individual basis). > >> > >> That being said, there are still concerns around making sure that the > data > >> does not go toward any uses you have not knowingly agreed to, making > sure > >> that it can go away when you go away, making sure that it does not go to > >> 3rd parties without your consent, etc. > >> > >> One of the other big concerns I have is how it may work around peer > >> pressure. Peer pressure can be a positive in the area of wellness. > Having > >> a > >> support structure that holds you accountable has been shown to be a > major > >> factor with people sticking with any sort of program. It's hard to > change > >> habits on your own. On the other hand, a voluntary opt-in system has the > >> potential to create a mental division between "team players" and > >> "slackers" > >> or what not and that is something I worry about. > >> > >> I'm happy for any and all input. This is an internal, experimental, sort > >> of > >> project, so nothing is set in stone and great ideas and concerns are > >> happily accepted. > >> > >> Judah > >> > >> > >> On Wed, Apr 17, 2013 at 4:02 PM, C. Hatton Humphrey < > chumph...@gmail.com > >> >wrote: > >> > >> > > >> > I dunno, started reading it and alarm bells went off in my head with > >> > regards to HIPAA, HR/Labor law and potenitially descrimination > (Ramadan > >> > makes for different eating cycles, for example). > >> > > >> > If you'd like I can share the article with my co-workers in the HR > >> > department to get more educated feedback on the concept. > >> > > >> > Personally I haven't looked into any studies that tie wellness with > >> > productivity. I can also say that every client we service saw a > premium > >> > increase in benefits, participation in a wellness program or not. > >> > > >> > Until Later! > >> > C. Hatton Humphrey > >> > http://www.eastcoastconservative.com > >> > > >> > Every cloud does have a silver lining. Sometimes you just have to do > >> some > >> > smelting to find it. > >> > > >> > > >> > On Wed, Apr 17, 2013 at 6:44 PM, Judah McAuley <ju...@wiredotter.com> > >> > wrote: > >> > > >> > > > >> > > I'm really curious because the company in question is mine and I'll > be > >> > > working on this project. The article, of course, really kind of > >> butchered > >> > > everything, got the name wrong (C3PO is a different internal > project), > >> > and > >> > > kind of glossed over the fact that is all voluntary...but I do > >> understand > >> > > that there are questions to be asked surrounding health info + > >> employers. > >> > > It has the potential to be fraught. On the other hand, we're trying > to > >> > > build a very participatory culture and trying to "do good" > reinforcing > >> > > positive actions by feedback mechanisms. We're just starting and > >> going to > >> > > be prototyping stuff, so nothing set is stone yet, but yeah, I think > >> it > >> > > will be very interesting. > >> > > > >> > > > >> > > >> > > >> > > >> > >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:362887 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-community/unsubscribe.cfm
