+1, HIPPA and HITECH are all about liability and if we cannot prove the data hasn’t been breached, WE are liable!
Daniel Ratliff -----Original Message----- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Marcum, John Sent: Wednesday, April 16, 2014 8:46 AM To: mssms@lists.myitforum.com Subject: RE: [mssms] One Drive In any environment that is regulated by HIPAA you MUST be able to prove that all data at rest is encrypted if there's a breach. If I allow users to move PII to OneDrive not only can that get hacked but the user has also moved data outside my walls thereby negating all policies I have in place to control the data. How do I know if it's been moved to his/her personal laptop? How do I know if it's been placed on an unencrypted thumb drive? Have you ever worked in HealthCare? :-) -----Original Message----- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Ben Glenz Sent: Wednesday, April 16, 2014 7:43 AM To: mssms@lists.myitforum.com Subject: RE: [mssms] One Drive Why? You can have OneDrive for Business with Sharepoint Online.. But there are GPO's to Configure it. -----Original Message----- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Marcum, John Sent: Mittwoch, 16. April 2014 14:12 To: mssms@lists.myitforum.com Subject: RE: [mssms] One Drive Huge security no-no IMO. Shouldn't even be available in corp installs of Windows or Office. -----Original Message----- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Todd Hemsell Sent: Tuesday, April 15, 2014 7:34 PM To: mssms@lists.myitforum.com Subject: [mssms] One Drive How many folks are disabling One Drive in the corp environment? Allowing it seems like a risk to me, for a number of reasons. Viruses and IP leakage are at the top of the list... /Todd ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information.