lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 30 Jun 2004 15:50:20 -0400
From: Dave Paris <dparis@...orks.com>
To: "Cameron, Thomas" <Thomas.Cameron@...kofamerica.com>
Cc: BUGTRAQ@...urityfocus.com
Subject: Re: Microsoft technologies. By default, non-HIPAA compliant?


Believe it.  Banking is concerned with regulatory requiprements, 
Medical/HIPAA is concerned with privacy of data on every level, 
appropriate access to data, the ability to access data in an emergency 
in a secure, aduitable manner, and all other variations of 
complexities.  The basic HIPAA electronic security guidelines consist of 
mandatory and "addressable" components.  How each company addresses the 
"addressable" components is open to interpretation.  Banking is 
stringent, to be sure - but HIPAA takes accountability and privacy to a 
whole new level.

Kind Regards,
-dsp

Cameron, Thomas wrote:

>>-----Original Message-----
>>From: Anything But Microsoft [mailto:abm@...thingbutmicrosoft.org]
>>Sent: Tuesday, June 29, 2004 9:43 PM
>>To: <@securityfocus.com BUGTRAQ
>>Cc: secure@...rosoft.com
>>Subject: Microsoft technologies. By default, non-HIPAA compliant?
>>
>>
>>The US health care system is the only industry where best network and
>>security practices are a federally mandated requirement.
>>    
>>
>
>Um, no.  I work in the banking industry and we are federally regulated and audited for security.  I've never worked in the medical industry but I'd be surprised if their requirements are more stringent than ours.
>  
>
[....]



Powered by blists - more mailing lists