[ale] [OT] SSN use, was: restricting web input
Paul Cartwright
ale at pcartwright.com
Wed May 6 21:08:33 EDT 2009
On Wed May 6 2009, Bob Toxen wrote:
> I'm surprised (and disappointed) that there have been no
> HIPAA-related lawsuits about this (negligence in computer
> record-keeping of sensitive information causing identity theft).
I was in my doctors office a few years back, when he was getting a new
computer system, for HIPPA. The nurse had logged ouit of her application, but
left the computer logged in. She left the room, left me there in front of the
computer... When the doctor came in, I mentioned that this wasn't a very safe
thing, considering the HIPPA issues. He said " oh, she logged out, you can't
do anything"... I showed him how I could call up windows explorer, found his
network drives with all of that sensitive data, and pointed out I could have
plugged in my USB stick and walked away with all of his computer files.
He said he would talk to " his people" about this... yeah right.
--
Paul Cartwright
Registered Linux user # 367800
Registered Ubuntu User #12459
More information about the Ale
mailing list