OT: Learning to Spell (HIPPA)

Steve Holmes steve at holmesgrown.com
Thu Feb 10 06:41:41 MST 2011 

This situation reminds me of the old school photography developers who
develop some guy's film and comes across a bunch of port pictures.  I
recall movies and news stuff in the past where those pictures can be
used as evidents against him by law enforcement.

Now the question of a computer repair shop coming across this stuff
and a superviser at work finding this stuff on a work station are two
different things.  When I worked at AHCCCS, we took HIPAA seriously
and in addition, the user affirmation statements we had to sign every
year, also included language forbidding the use of state equipment for
personal use and any "inappropriate" material.  So any porn found on a
state computer could easily be grounds for dismissal of the employee.

On Thu, Feb 10, 2011 at 12:10:08AM -0700, Nathan England wrote:
> Very interesting question. I have had to deal with that in the past. Working
> for a small computer repair shop I was watching a virus scan as it scanned
> files. I typically set the scanner to scan all files, not just "infectable"
> ones. While watching the line displaying the names of files being scanned,
> it continuously looked liked a folder or file called kiddyporn or something
> like that. I didn't go digging, but told my boss and asked what I should do.
> The answer was, they brought their computer in here to be repaired. If it
> gets out that we are snooping through people's computers that will be the
> end of us...
> 
> Another computer came in and the guys desktop wallpaper was some rather
> crude and vulgar porn and he had what appeared to be kiddie porn images on
> his desktop. Same thing, told me boss, and the answer was, change the
> desktop background as we don't want customers to see that, but otherwise, it
> is not our job to snoop!
> 
> Geek Squad on the other hand ... !!!
> 
> But you really have peaked my interest. A company computer should not be
> used for that type of material, well porn in general, but especially not the
> illegal kind. I would have to say I would probably shut the machine off and
> take it back to my office, make up some excuse about needing to upgrade the
> ram for the new office version, and then give the machine to my boss to
> examine. But at the same time, in brutal honesty, I would be hesitant, if I
> did not get along real well with my boss. Regardless, porn is one thing,
> kiddie porn is something else.
> 
> What is the "right" answer you look for?
> 
> On Wed, Feb 9, 2011 at 9:39 PM, Bryan O'Neal <
> Bryan.ONeal at theonealandassociates.com> wrote:
> 
> > Not what I was looking for but great answer!
> >
> > On Wed, Feb 9, 2011 at 7:42 PM, Technomage Hawke
> > <technomage.hawke at gmail.com> wrote:
> > > well,
> > > I am not sure how I would handle that. I would have to hand it off to
> > someone with a working pair of eyes. I would also request a report on what
> > was found. as for the why: any such "proscribed materials" could introduce
> > unwarranted liability issues to the company. If found to be such, I would
> > order the file moved off onto a dedicated device and then have it turned
> > over to the authorities.
> > >
> > > if, however, it turns out to be nothing, I would inform the employee in
> > question that his/her's search and storage "habits" need to be re-examined.
> > The emphasis being on corporate policy and security.
> > >
> > > -Eric
> > >
> > > On Feb 9, 2011, at 7:17 PM, Bryan O'Neal wrote:
> > >
> > >> HIPPA mostly deals with protecting you against accidental or malicious
> > disclosure of your private data. It can not protect you against idiots with
> > access. That is for individual people to do. We are more sensitive to these
> > violations then most people but you would be surprised at the number of
> > people in our industry who actually WILL read your email. <I used to work
> > with one>
> > >>
> > >>
> > >> On that note I am very curious to see how this group, one who is highly
> > concerned with privacy, would answer an interview question I used to give
> > jr. desktop support people.
> > >>
> > >> "You were assigned to install Office on a managers computer. During the
> > course of this you discover a folder containing what looks suspiciously like
> > child pornography. What do you do and why?"
> > >>
> > >>
> > >>
> > >> On Wed, Feb 9, 2011 at 5:00 PM, keith smith <klsmith2020 at yahoo.com>
> > wrote:
> > >>
> > >> Let me ask, which do you think got the doctor's attention?  The
> > malpractice settlement or a misdemeanor charge?
> > >>
> > >> ------------------------
> > >> Keith Smith
> > >>
> > >> --- On Wed, 2/9/11, ChasM Marshall <chasm750 at hotmail.com> wrote:
> > >>
> > >> From: ChasM Marshall <chasm750 at hotmail.com>
> > >> Subject: OT: Learning to Spell (HIPPA)
> > >> To: plug-discuss at lists.plug.phoenix.az.us
> > >> Date: Wednesday, February 9, 2011, 3:54 PM
> > >>
> > >>
> > >> Hiya,
> > >>
> > >>   Lemmie talk about "HIPAA".  Health Insurance Portability and
> > Accountability Act
> > >> Linux gurus really should be more aware of privacy ethics.
> > >>
> > >> First off:
> > >>   The medical industry happens to be pretty good at self-policing.
> > >> It's not common knowledge, but prosecutions under this law are very
> > rare.
> > >> Sadly, the whole personal privacy issue seems protected by a
> > >> toothless dragon.  Legal systems that just don't work.
> > >> I can't find a single prosecution in Arizona.
> > >>
> > >> And B:
> > >> Candidates for cases do exist.
> > >> As of 2007:
> > >>
> > http://www.law.com/jsp/article.jsp?id=1198749902130&slreturn=1&hbxlogin=1
> > >>   "HIPAA violations are misdemeanors, and no one in Arizona has been
> > >> prosecuted under the four-year-old statute, said Sandra Raynor, a
> > spokeswoman
> > >> for the U.S Attorney's Office in Phoenix."
> > >>   In the above case Sean Dubowik, 37, was victim of an intern's cell
> > phone camera.
> > >> The photo never made it to the internet, or this case would be
> > legendary.
> > >> As it happens, this guy is owner of a strip club in the Phoenix area.
> > >> His gallbladder surgery was NOT a publicity stunt.
> > >> It pisses me off, that this gained national attention without justice.
> > >>
> > >>   Privacy in Linux?  What's your take?  Looks to me like the law ain't
> > any help.
> > >> I'd bet that everyone on this PLUG list has violated privacy in some
> > way.
> > >> Yet, I'd trust any one of 'em in a heartbeat.
> > >> It's the inexperienced that need surveillence.  Or spelling lessons.
> > >>
> > >> @ Lisa:
> > >> "Trust Is A Weakness"
> > >>
> > >> (-:  Chas.M.  :-)
> > >>
> > >> -----Inline Attachment Follows-----
> > >>
> > >>
> > >> ---------------------------------------------------
> > >> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > >> To subscribe, unsubscribe, or to change your mail settings:
> > >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >>
> > >>
> > >> ---------------------------------------------------
> > >> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > >> To subscribe, unsubscribe, or to change your mail settings:
> > >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >>
> > >> ---------------------------------------------------
> > >> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > >> To subscribe, unsubscribe, or to change your mail settings:
> > >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >
> > > ---------------------------------------------------
> > > PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > > To subscribe, unsubscribe, or to change your mail settings:
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >
> > ---------------------------------------------------
> > PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> 
> 
> 
> -- 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Nathan England
> 
> I believe in the Constitution and the 4th Amendment. I am innocent and have
> nothing to hide, but NO agent of the state crosses my threshhold without a
> valid warrant signed by a judge and properly submitted. If we fail to
> exercise our rights, we lose them.

> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

More information about the PLUG-discuss mailing list