[Gllug] OT: Is Win2k + SP3 HIPAA Compliant?
Xander D Harkness
xander at harkness.co.uk
Wed Aug 28 12:38:59 UTC 2002
For me who is working, trying to provide Electronic Patient records, this
is really exciting.
It could either kill the use of Windows in the NHS or make M$ modify their
licence.
http://slashdot.org
Ask Slashdot: Is Win2k + SP3 HIPAA Compliant?
MicrosoftPosted by Cliff on Wednesday August 28, @08:23AM
from the EULAs-vs-government-regulations dept.
Chris asks: "Our company deals with medical records in a peripheral sort
of way (as they pertain to student loans), and due to new laws we are
required to be HIPAA compliant by April. After reading the discussion on
here about the new EULA for Win2k SP3, I had a disturbing thought. As far
as I can tell, if you use Windows 2000 then you're going to be out of
compliance whatever you do. If you install the patch, then theoretically
Microsoft could access those medical records (possibly by accident)
without 'due cause or need' in the process of updating your machine. If
you don't patch your system then you'll fail the security requirements of
the law." If Win2k with SP3 is not HIPAA compliant (and I stress the if
because no one has made a statement either way, yet) what can
non-compliant Medical IT departments do?
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list