Re: [lopsa-tech] Server disk encryption

2013-05-23 Thread Steven Kurylo
> This also refers to NIST SP-800-111. > Thank you for the clarifications. > > It looks more like if your data at rest is encrypted (ie server hard > > drives), you're better protected under the law from penalties. But it's > > not mandatory yet.But it sounds like I would want to encrypt my

Re: [lopsa-tech] Server disk encryption

2013-05-23 Thread Tracy Reed
On Wed, May 22, 2013 at 03:44:38PM PDT, Steven Kurylo spake thusly: > There are more articles than these ones, but for example: > http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/breachnotificationifr.html This one seems to be concerned with breach notification. If you lose an en