RE: [SLUG] OT: Any Sarasota/Bradenton doctors who are online?

From: Ken Elliott (kelliott4@tampabay.rr.com)
Date: Fri Sep 03 2004 - 16:23:19 EDT


Pete>>I am working on such an application for Traditional Chinese Medicine.
Pete>>I guess I will have to make it lock down by default so they *have* to
use secure passwords,
Pete>> change the passwords every so often and so on.

Since you are writing the app, you could encrypt the data BEFORE you store
it in a database. That would render it useless to anything other then your
application. Each patient would need a client copy of an app that would
(using normal security measures) read the database, and decode it using a
patient-specific key. Your app would have to use a different key for each
patient, and you'd have to provide a way to change the data should a key be
made public. That way, you could only lose on patient's data at a time,
rather than risk the whole DB.

I'm sure someone will point out some of the flaws in this scheme. But
that's what makes this list fun!

Ken Elliott

=====================
-----Original Message-----
From: slug@nks.net [mailto:slug@nks.net] On Behalf Of Pete Theisen
Sent: Tuesday, August 31, 2004 2:38 AM
To: slug@nks.net
Subject: Re: [SLUG] OT: Any Sarasota/Bradenton doctors who are online?

Max F Lang wrote:
> On Sunday 29 August 2004 23:31, Pete Theisen wrote:>
>>>Is this allowable under HIPAA etc?>>
>>Theoretically if the security was rock solid . . .>
>
> Theoretically, maybe. But in real life
<snip>
> It would have been a minor exercise to have pulled confidential
> patient record databases from most of them, and since many of these
> database formats are well known, well...

Hi Max!

That is disturbing. I am working on such an application for Traditional
Chinese Medicine. I guess I will have to make it lock down by default so
they *have* to use secure passwords, change the passwords every so often and
so on. Then the users start posting the passwords on the screen border with
sticky notes . . .

Regards,

Pete

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages posted
are those of the author and do not necessarily reflect the official policy
or position of NKS or any of its employees.

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 16:46:15 EDT