My thought would be that if something got into the setup enough to encrypt the files, it could have also transmitted them. On Nov 13, 2014 1:56 PM, "Bill Bogstad" <bogs...@pobox.com> wrote:
> On Thu, Nov 13, 2014 at 7:42 PM, Tracy Reed <tr...@ultraviolet.org> wrote: > > On Thu, Nov 13, 2014 at 10:11:28AM PST, Morgan Blackthorne spake thusly: > >> I'd be wondering if HIPPA requires him to disclose the breach to his > >> clients since it is medical information. > > > > Yes. > > > > > http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/ > > > > But if he didn't even have separate backups I doubt he will be overly > concerned > > about this. For better or worse, odds are DHHS will never know about it > unless > > one of his patients reports him so likely nothing will come of it. > > I'm not so sure. If the data was encrypted in place (never left his > systems) then > it was never disclosed to inappropriate parties and my reading of that > link is that this would not be considered a breach. Not that this > would make me happy as a patient... > > Bill Bogstad >
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
