Re: HIPAA question

[Bill Terry <wterry () BARD EDU>]

All -
One approach might to be to send periodic reminders on acceptable use
that includes all sensitive information including HIPPA, FERPA, etc.

I my experience, too many messages, lead to too few being read. 

Your mileage may vary  :-)   ...

Bill Terry
CTO
Bard College


On 4/15/11 8:00 AM, Jon Hanny wrote:
> Do you send out any memos or periodic reminders on acceptable use of
> email as it relates to HIPAA?
>
> Respectfully,
>
> ---------------------------------
> Jon Hanny
> CISM, CISSP, CRISC, GSLC
> Risk and Compliance Services
> Division of IT
> The George Washington University
> 703-726-4469
> jehanny () gwu edu
> ---------------------------------
>
> On 4/14/2011 5:10 PM, Taylor, James R wrote:
> > We use the Voltage encryption gateway as well as their Outlook plug-in for
> > end-to-end encryption.
> >
> > _______________________
> > Jim Taylor
> > Information Security Officer (ISO)
> > Missouri State University
> > 417-836-5226
> >
> > Confidentiality Notice: This e-mail message, including any attachments, is
> > for the sole use of the intended recipient(s) and may contain confidential
> > and privileged information. Any unauthorized review, use, disclosure or
> > distribution is prohibited. If you are not the intended recipient, please
> > contact the sender by reply e-mail and destroy all copies of the original
> > message.
> >
> >
> > -----Original Message-----
> > From: The EDUCAUSE Security Constituent Group Listserv
> > [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jon Hanny
> > Sent: Thursday, April 14, 2011 10:08 AM
> > To: SECURITY () LISTSERV EDUCAUSE EDU
> > Subject: [SECURITY] HIPAA question
> >
> > I was wondering if/how any of you have addressed HIPAA with relation to
> > email usage. Please advise.