Re: OT - Security Of Sensitive Data

Sounds like that pretty much precludes even dedicated hosting through an ISP. You'd need the box to reside inside of your building to confidently ensure those terms are met. -- --mattRobertson-- Janitor, MSB Web Systems mysecretbase.com ~~

RE: OT - Security Of Sensitive Data

Health Systems, International -Original Message- From: Jochem van Dieten [mailto:[EMAIL PROTECTED] Sent: Saturday, August 06, 2005 4:57 AM To: CF-Talk Subject: Re: OT - Security Of Sensitive Data I am not very familiar with HIPAA reglations, but it sounds like they are something

Re: OT - Security Of Sensitive Data

Matt Robertson wrote: > On 8/6/05, Jochem van Dieten <[EMAIL PROTECTED]> wrote: >> >> Does the HIPAA mandate something similar? > > Source code? As in if I use SQL Server I have to have access to the SQL > Server source (and ColdFusion source for that matter)? Yes. Not necessarily direct acce

Re: OT - Security Of Sensitive Data

On 8/6/05, Jochem van Dieten <[EMAIL PROTECTED]> wrote: > > Does the HIPAA mandate something similar? Source code? As in if I use SQL Server I have to have access to the SQL Server source (and ColdFusion source for that matter)? Doesn't do that, thankfully. Or by 'source' do you mean the sql/

Re: OT - Security Of Sensitive Data

I am not very familiar with HIPAA reglations, but it sounds like they are something like the procedural and technical guidelines from the Dutch Data Protection Authority. Those guidelines mandate that if you store class 2 or higher personal data (lots of relatively harmless data like name and a

Re: OT - Security Of Sensitive Data

After I raised hell and dave "disrupted" Hostmysite, they put in the work to make their servers more secure. However, VPS or dedicated hosting is the best way to make a functional CF server secure. On 8/6/05, Will Tomlinson <[EMAIL PROTECTED]> wrote: > I went through this sensitive data crap for a

RE: OT - Security Of Sensitive Data

> I also realized there is a market/demand for *SECURE* hosting > out there. Sure there is, and that demand is currently met using dedicated servers. Short of using dedicated servers, it's really hard to ensure an adequately secure environment. I think that server virtualization is a step in this

Re: OT - Security Of Sensitive Data

I went through this sensitive data crap for a client a while back. After talking with CT, and a few others, I decided it was too much trouble. I also realized there is a market/demand for *SECURE* hosting out there. Will www.codefusiongear.com

Re: OT - Security Of Sensitive Data

On 8/5/05, Russ <[EMAIL PROTECTED]> wrote: > > Don't forget that the free bluedragon doesn't support ssl... It's not very > well documented... > Geez you've got to be kidding me... OK you're not kidding. Wow if thats true that makes it pretty close to worthless IMHO. I was going to look into us

RE: OT - Security Of Sensitive Data

I agree there... all the limitations should be obvious and spelled out. -mk -Original Message- From: Russ [mailto:[EMAIL PROTECTED] Sent: Friday, August 05, 2005 5:08 PM To: CF-Talk Subject: RE: OT - Security Of Sensitive Data Personally I think they could've documented it b

RE: OT - Security Of Sensitive Data

ake it into the docs... As far as BD6.1, it's too buggy for production use... -Original Message- From: Mark A Kruger [mailto:[EMAIL PROTECTED] Sent: Friday, August 05, 2005 5:57 PM To: CF-Talk Subject: RE: OT - Security Of Sensitive Data Companies are in business to make money. An

RE: OT - Security Of Sensitive Data

s software product. They have offered something between development and production that has some limited use - that's a good thing, right? -Original Message- From: Damien McKenna [mailto:[EMAIL PROTECTED] Sent: Friday, August 05, 2005 4:17 PM To: CF-Talk Subject: RE: OT - Security Of

Re: OT - Security Of Sensitive Data

sion is crippled like that... > >-Original Message- >From: Ken Ferguson [mailto:[EMAIL PROTECTED] >Sent: Friday, August 05, 2005 4:59 PM >To: CF-Talk >Subject: Re: OT - Security Of Sensitive Data > >Completely rules out using BD for any sort of commercial app doesn&#x

RE: OT - Security Of Sensitive Data

> -Original Message- > From: Ken Ferguson [mailto:[EMAIL PROTECTED] > > Completely rules out using BD for any sort of commercial app > doesn't it? That's kinda harsh. Their free version doesn't support SSL but their paid-for versions do. I personally think they could have bundled it

RE: OT - Security Of Sensitive Data

st 05, 2005 3:59 PM To: CF-Talk Subject: Re: OT - Security Of Sensitive Data Completely rules out using BD for any sort of commercial app doesn't it? I didn't realize this was the case. Thanks for letting me know; I can't tell you how mad I would have been if I'd wasted any t

RE: OT - Security Of Sensitive Data

Well I'm sure their paid versions support it... but yea, it's a shame the free version is crippled like that... -Original Message- From: Ken Ferguson [mailto:[EMAIL PROTECTED] Sent: Friday, August 05, 2005 4:59 PM To: CF-Talk Subject: Re: OT - Security Of Sensitive Data

Re: OT - Security Of Sensitive Data

switch in the code that won't serve pages if you are using >the free BlueDragon version through ssl... I found out the hard way a few >months ago... > >-Original Message- >From: Mark A Kruger [mailto:[EMAIL PROTECTED] >Sent: Friday, August 05, 2005 4:45 PM >To: CF-T

RE: OT - Security Of Sensitive Data

Russ, Well - that changes a small project we was working on :). Glad you caught it before I did (ha). -Mark -Original Message- From: Russ [mailto:[EMAIL PROTECTED] Sent: Friday, August 05, 2005 3:47 PM To: CF-Talk Subject: RE: OT - Security Of Sensitive Data Yea, there is a switch

RE: OT - Security Of Sensitive Data

bject: RE: OT - Security Of Sensitive Data Russ, Do you mean that the BD engine won't serve pages through an SSL connection? -Mark -Original Message- From: Russ [mailto:[EMAIL PROTECTED] Sent: Friday, August 05, 2005 3:37 PM To: CF-Talk Subject: RE: OT - Security Of Sensitive Da

RE: OT - Security Of Sensitive Data

Russ, Do you mean that the BD engine won't serve pages through an SSL connection? -Mark -Original Message- From: Russ [mailto:[EMAIL PROTECTED] Sent: Friday, August 05, 2005 3:37 PM To: CF-Talk Subject: RE: OT - Security Of Sensitive Data Don't forget that the free bluedrag

RE: OT - Security Of Sensitive Data

PROTECTED] Sent: Friday, August 05, 2005 4:21 PM To: CF-Talk Subject: Re: OT - Security Of Sensitive Data I would think at the very least you'd want a dedicated server... seeing as CT sells them for $70 monthly that ain't so bad, although you'd have to buy CF or work in BD compati

RE: OT - Security Of Sensitive Data

Don't forget that the free bluedragon doesn't support ssl... It's not very well documented... -Original Message- From: Matt Robertson [mailto:[EMAIL PROTECTED] Sent: Friday, August 05, 2005 4:21 PM To: CF-Talk Subject: Re: OT - Security Of Sensitive Data I would think at

Re: OT - Security Of Sensitive Data

I would think at the very least you'd want a dedicated server... seeing as CT sells them for $70 monthly that ain't so bad, although you'd have to buy CF or work in BD compatibility. SSL is cheap at US$50 for a good one. Don't use CT's shared SQL host. Install MSDE on your same server (free).

RE: OT - Security Of Sensitive Data

g around. Matt Osbun Web Developer Health Systems, International -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Friday, August 05, 2005 12:54 PM To: CF-Talk Subject: RE: OT - Security Of Sensitive Data I would be very surprised if any shared hosting environment was secure e

RE: OT - Security Of Sensitive Data

> This MAY be more a hosting question, but I am looking into how I can > best share sensitive PATIENT information over the internet to our > nursing staff out in the field. > > We have a CrystalTech shared hosting account, and have the typical SSL > directory available to us. I can even go so far

RE: OT - Security Of Sensitive Data

> This MAY be more a hosting question, but I am looking into how I can > best share sensitive PATIENT information over the internet to our > nursing staff out in the field. > > We have a CrystalTech shared hosting account, and have the typical SSL > directory available to us. I can even go so far

Re: OT - Security Of Sensitive Data

I'll add my voice to those expressing concern over using a shared server for Federally-regulated information storage and retrieval. It's a dangerous game. If they want to do this, and since they must abide by the rules, I'll hope for your sake that HIPPA rules have language to cover this situation.

Re: OT - Security Of Sensitive Data

Claremont, Timothy wrote: > This MAY be more a hosting question, but I am looking into how I can > best share sensitive PATIENT information over the internet to our > nursing staff out in the field. > > We have a CrystalTech shared hosting account, and have the typical SSL > directory available to

Re: OT - Security Of Sensitive Data

Providing lists of id numbers that they have to look up on paper is over doing it..but I wouldn't post protected private health information on a shared server. There is no way to secure it. The techs at the ISP have a password and physical access to the computer and can browse all of your f

Re: OT - Security Of Sensitive Data

On Fri, 4 Mar 2005 09:02:36 -0500, Claremont, Timothy <[EMAIL PROTECTED]> wrote: > This MAY be more a hosting question, but I am looking into how I can > best share sensitive PATIENT information over the internet to our > nursing staff out in the field. > > We have a CrystalTech shared hosting acc

RE: OT - Security Of Sensitive Data

>From a personal perspective, I would be horrified if I found out my medical records were being served from a multiple account hosting environment with a shared SSL cert. That aside, from a technical perspective, security is an onion. There are so many layers and working with it can leave you in