Fred,
thank you very much, and I absolutely agree with all of your
points
Regards,
Jacob
--------Original Message-----
From: Fred Langston [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 11, 2003 9:59 PM
To: WEDI SNIP Security Workgroup List
Cc: Johnson, Ed
Subject: RE: Risk AssessmentsHI Karen,I have to take issue with your closing statement. As someone that's been doing risk assessments for decades and HIPAA risk assessments/risk analyses for over 5 years, I truly can't imagine anyone posting much about methodologies that hasn't been used, published, and considered standard practice for almost forever on this subject. Just posting to this list cannot connote ownership of intellectual property or imply what fair use of that property is. If someone reposts the wealth of material I've posted to this list and many others about risk assessment methodologies, then your statement implies I can no longer use the material I've developed myself and freely submitted just because it was posted here. And that's plain wrong. Not to mention that it's *conducting* the risk assessment that's the really hard work, not just developing the methodology.There seems to be a lot of consultant bashing on this list, which I believe is misplaced. We're not here to replace people, we're here to assist and augment organizations that can not or do not want to hire staff on a permanent basis. The value of knowing how *many* organizations conduct their HIPAA compliance efforts is difficult to overestimate, and no amount of list reading can replace that experience. It would be nice if people posting to the list try to maintain a professional respect for one another.Fred Langston, CISSP
Senior Principal Consultant
W: 206.903.8147 x223 F: 206.903.1862 M: 425.765.3330
Seattle, WA www.Guardent.com
________________________________________
G U A R D E N T
Enterprise Security and Privacy Programs--------Original Message-----This listserv is not for advertising, so please do not mail the entire list about your products. In addition, I hope that any "how to do a risk assessment" advice and information that is freely given from this listserv to persons representing consulting companies is not then used to bill similar organizations for the company's "expert" advice.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 11, 2003 6:01 PM
To: WEDI SNIP Security Workgroup List
Cc: [EMAIL PROTECTED]
Subject: Re: Risk Assessments
Carol A. Karps, Senior Policy Consultant
FourThought Group
Phoenix office 602-452-2054
Santa Fe office 505 - 466-1221
cell - 505- 470-6291
[EMAIL PROTECTED]
[EMAIL PROTECTED]
This e-mail, and any attachments thereto, are intended only for use by the addressee(s) named herein and may contain privileged and/or confidential information. If you are not the intended recipient of this e-mail, any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender by e-mail or telephone and permanently delete all copies of this e-mail and any attachments. This email and any attachments are believed to be virus-free. This e-mail is not guaranteed to be virus-free. The sender accepts no liability for any loss or damage arising from its use.
---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-security as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-security as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-security as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
