As an employee of a company who deals with HIPPA controlled/protected data, I feel very uncomfortable knowing that I can be charged either with a civil or criminal violation in the event that HIPPA data, under my control, is accidentally lost or stolen. And I am not talking about an intentional leak of protected patient information. What really floored me this year, when I took the yearly HIPPA certification online class, was HIPPA is administered under the Office of Civil Rights.
Regardless of my personal political theology, it makes me uncomfortable that if I offend a person or persons, the friendly neighborhood OCR representative could be asked to "look at" my activities as relating to HIPPA compliance. I'm sure an unbiased and diligent OCR employee might uncover some violation(s) if they investigated long and hard enough. --- jba...@ngssallc.com wrote: From: "John P. Baker" <jba...@ngssallc.com> To: IBM-MAIN@LISTSERV.UA.EDU Subject: Volkswagen Programmed Vehicle to Deactivate Pollution Control Systems Date: Fri, 18 Sep 2015 15:56:34 -0400 http://www.foxbusiness.com/industries/2015/09/18/epa-says-vw-intentionally-v iolates-clean-air-standards/?intcmp=hpbt1 In the referenced article, it is being reported that Volkswagen had their programming staff intentionally program the computers controlling the pollution control systems on certain 2008-2015 Audi and Volkswagen diesel vehicles to activate the full pollution control systems ONLY when the vehicle was undergoing official emissions testing. At all other times, the pollution control systems were inactive and the vehicles were putting out emissions as high as 40 times the legal limit. The company is facing $18 billion in fines. It is unclear whether the Volkswagen executives who directed the scheme will face criminal charges. It is also unclear whether the programming staff who wrote the code will face criminal charges. Even though this is not a mainframe issue, it is an issue that directly affects us and our industry. Hackers are already a significant black eye. This is much worse. It makes legitimate programmers look suspect. It raises the uncomfortable question of whether or not we can or should be held criminally liable if we are directed to code a program or a change to a program that we know would have the effect of violating the law and we then knowingly proceed to code that program or a change to a program. It has been suggested in the past that programmers should be licensed and/or bonded. I am not particularly fond of either idea. However, I would like to hear what others think. John P. Baker ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN _____________________________________________________________ Netscape. Just the Net You Need. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
