LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: RAINdrip: HHS issues HIPAA Breach Notification Final Rule
From:	Larry Medina <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Fri, 21 Aug 2009 13:04:42 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (26 lines)

And I know it's "poor form" to reply to one's own post, but....

This new rule, especially as it applies to Business Associate's has GOT TO
HAVE EVERYONE THINKING...

"If I have health data stored either in the cloud or with a third party
service provider and it's a streamed backup from servers, possible
commingled with other data, HOW DO I comply with the new HHS requirements
specifically related to encryption of this HIPAA related data?"  and....

"Do I have a Business Associates Agreement on file with my data storage
companies?"  http://bit.ly/IaVkF

Yeah, it DOES get more complex, and organizations are going to have to start
thinking of the need to separate out data streams to ensure backups isolate
information based on it's value or function and encrypt it based on what it
is, not on a single algorithm.  

Larry
[log in to unmask] 

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US