Educause Security Discussion mailing list archives

Re: HIPAA Privacy - I am afraid I am behind

From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Fri, 21 Mar 2003 11:42:59 -0500

I note that the  AAMC document does not appear to have been updated
to reflect the final HIPAA Security regs as published in February,
not that it renders them totally irrelevant nor incomplete, it is
just that a number of items which were required or specified in the
draft Security regs are no longer required but are 'addressable'
(though almost all recommendations are still good sense practice
and almost none appear meaningless, arbitrary and capricious with the
possible controversial exception of password aging/expiration).

Jim, also feel free to look at our HIPAA website:  hipaa.yale.edu

Brian Reilly wrote:

Jim,

If you haven't already seen it, I'd suggest that you take a look at the
AAMC's "Guidelines for Academic Medical Centers on Security and Privacy,"
online at http://www.aamc.org/members/gir/gasp/start.htm.  It's one of the
more thorough analyses I've seen of the HIPAA privacy and security regs.


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.

Current thread:

HIPAA Privacy - I am afraid I am behind Jim Moore (Mar 21)
- <Possible follow-ups>
- Re: HIPAA Privacy - I am afraid I am behind Colleen Keller (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind Brian Reilly (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind H. Morrow Long (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind Sadler, Connie (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind Schmidt, Eric W (Mar 21)
- Re: HIPAA Privacy - I am afraid I am behind Scott Bradner (Mar 23)