Tell them to re-read their HIPAA docs, if you did that, and someone looked at the screen who wasn't authorized while one of your execs was viewing an account, you could be in MAJOR violation, and heavily sued/fined.From: "Jay D. Dyson" <[EMAIL PROTECTED]> > I have client that would like to have its confidential data (medical > records) available to traveling executives. > What is the most secure way to set this up? Secure web site using > private certificates? Go with VPN's? Tell the client forget the > idea because there is no good way to secure confidential data > exposed to the Internet?Such data access would fall under the auspices of HIPAA security requirements. I suggest your client be made fully aware of this, since these requirements can be exacting and may have serious consequences (both for consumer confidentiality and legal liability) if not followed.
Chris Berry
[EMAIL PROTECTED]
Systems Administrator
JM Associates
"Ok, so the servers are down, the lights are out, and all I have to work with is a roll of duct tape, a ball point pen, a lighter, and a twenty year old copy of emacs. Where's the problem? "
_________________________________________________________________
Unlimited Internet access for only $21.95/month. Try MSN! http://resourcecenter.msn.com/access/plans/2monthsfree.asp
