>I just had a problem the other day where someone wanted a PDF emailed. It 
>had information on it I consider private and PDFs (usually) are not 
>encrypted. Am I missing something, or being overly paranoid?
>
>Russell Johnson
>r...@dimstar.net

Bill - 
Thanks for changing the subject line.

Russ -

The PDFs in this case (patient charts!) will be "emailed" from
machine A to machine B within the same locked cage, in a locked
office, over an OpenVPN tunnel, a bit of extra paranoia in case
somebody taps the ethernet hardware (inside the cage) somehow.

The other bit of paranoia is backups, which will be rsync
(actually dirvish using rsync) using SSH, inside an OpenVPN tunnel.

The big gaping hole is probably Tempest - if somebody can 
read the EMF off a flat screen.  Seems unlikely, but ...

It is good that you are asking this question.  This will be
medical information, and part of Obamacare was staffing up
the enforcement arm of HIPAA.  Doctors are starting to pay
huge fines and may be soon going to prison because they did
not get their IT security right.  Their staff and IT
contractors may also be vulnerable.

Since nobody encrypts the email they send to doctors, or can
read encrypted email from them, any electronic doctor-patient
communication (beyond appointment reminders) will probably
have to be via https "web page emails", with those
postage-stamp-sized text boxes.  Fooey.

Phone lines?  Too easily tapped.  And those conversations 
are turned into "digital records" as they pass through the
PSTN, so some idiot judge may extend HIPAA to the phone
system.

We are already faced with designing the new office so
patients in the waiting room can't hear anybody on the
phone, and vice versa.  We also had to reject one space
because we could not control access through the office
for people in wheelchairs (who might overhear something).

HIPAA may mean patients will die prematurely, albeit with
their privacy intact.  "Sunshine Cleaning" will get rich.

Keith

-- 
Keith Lofstrom          kei...@keithl.com         Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
_______________________________________________
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug
