Educause Security Discussion mailing list archives
Re: HIPAA Privacy - I am afraid I am behind
From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Fri, 21 Mar 2003 11:42:59 -0500
I note that the AAMC document does not appear to have been updated to reflect the final HIPAA Security regs as published in February, not that it renders them totally irrelevant nor incomplete, it is just that a number of items which were required or specified in the draft Security regs are no longer required but are 'addressable' (though almost all recommendations are still good sense practice and almost none appear meaningless, arbitrary and capricious with the possible controversial exception of password aging/expiration). Jim, also feel free to look at our HIPAA website: hipaa.yale.edu Brian Reilly wrote:
Jim, If you haven't already seen it, I'd suggest that you take a look at the AAMC's "Guidelines for Academic Medical Centers on Security and Privacy," online at http://www.aamc.org/members/gir/gasp/start.htm. It's one of the more thorough analyses I've seen of the HIPAA privacy and security regs.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- HIPAA Privacy - I am afraid I am behind Jim Moore (Mar 21)
- <Possible follow-ups>
- Re: HIPAA Privacy - I am afraid I am behind Colleen Keller (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind Brian Reilly (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind H. Morrow Long (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind Sadler, Connie (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind Schmidt, Eric W (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind Scott Bradner (Mar 23)