{"id":14211,"date":"2019-01-02T04:30:02","date_gmt":"2019-01-02T12:30:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/01\/02\/news-7963\/"},"modified":"2019-01-02T04:30:02","modified_gmt":"2019-01-02T12:30:02","slug":"news-7963","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/01\/02\/news-7963\/","title":{"rendered":"If the CTO says it's OK, what could go wrong?"},"content":{"rendered":"

Credit to Author: Sharky| Date: Wed, 02 Jan 2019 03:00:00 -0800<\/strong><\/p>\n

Medical rehab facility is facing a compliance deadline for HIPAA<\/a> privacy regulations, and that could be a problem, says a cybersecurity pilot fish working there.<\/p>\n

“The HIPAA regulations are strewn with potential issues,” fish says. “When some aspect isn’t followed and a patient’s data privacy is compromised, the fines can be substantial.”<\/p>\n

And that’s the headache fish faces because of his facility’s use of Gmail. As the site’s cybersecurity engineer, fish knows that ordinary Gmail isn’t HIPAA compliant.<\/p>\n

Fortunately, there’s a fix — one that involves additional paperwork and agreements, along with some added security verification. But that’s still easier and less complex than moving everyone off Gmail.<\/p>\n

So fish works to make sure all HIPAA requirements and industry standards are met. After a thorough search of available documentation, he creates a to-do list for the roadmap to ensure the facility has everything in order to comply with HIPAA.<\/p>\n

And fish has the CTO’s repeated assurances that all the necessary steps have been taken and followed per HIPAA.<\/p>\n

There’s just one problem: “After asking for required Document A four times and required Document B three times — and given past issues with the CTO — it became increasingly apparent that none of the work had actually been done,” sighs fish.<\/p>\n

“And without that documentation, if anything bad were to happen, everyone would be pointing at me…”<\/p>\n

Document your true tale of IT life for Sharky.<\/strong> Send your story to me at sharky@computerworld.com<\/a>. You can also comment on today’s tale at Sharky’s Google+ community<\/strong><\/a>, and read thousands of great old tales in the Sharkives<\/strong><\/a>.<\/i><\/p>\n

Get Sharky’s outtakes from the IT Theater of the Absurd delivered directly to your Inbox. Subscribe now to the Daily Shark Newsletter<\/a>.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Sharky| Date: Wed, 02 Jan 2019 03:00:00 -0800<\/strong><\/p>\n

\n
\n

Medical rehab facility is facing a compliance deadline for HIPAA<\/a> privacy regulations, and that could be a problem, says a cybersecurity pilot fish working there.<\/p>\n

“The HIPAA regulations are strewn with potential issues,” fish says. “When some aspect isn’t followed and a patient’s data privacy is compromised, the fines can be substantial.”<\/p>\n

And that’s the headache fish faces because of his facility’s use of Gmail. As the site’s cybersecurity engineer, fish knows that ordinary Gmail isn’t HIPAA compliant.<\/p>\n

Fortunately, there’s a fix — one that involves additional paperwork and agreements, along with some added security verification. But that’s still easier and less complex than moving everyone off Gmail.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714],"class_list":["post-14211","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14211","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14211"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14211\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14211"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14211"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14211"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}