You can't secure what you don't acknowledge.SM

Thursday, November 19, 2009

I could've sworn we had this thing called HIPAA

Remember way back in April of 2005 when the HIPAA Security Rule went into effect? Well apparently some healthcare providers didn't get the memo. Big blow to Health Net.

So, no reasonable security controls to meet the HIPAA requirements much less no encryption of mobile storage devices? Seriously people: what is it going to take to encrypt mobile drives!!??

I'm not a fan of BitLocker in the enterprise and not sure how big Health Net is but, heck, they could've at least considered it!

Golly...I think I get so fired up about this stuff because it affects us all so personally. Furthermore it's, um, common knowledge that big security breaches will and do occur on a daily basis.

No comments:

Post a Comment