ec wrote:
> 
> The only way, as I see it, is for those databases to
> be completely off line as far as the internet goes.
> Hopefully, the sys admins can convince those to NOT
> use the internet but direct dialup/network that is off
> line.
> 
> Yes, hopefully my health records are on puters that
> are off line.
> 


Irrelevant.

My health records were stolen in December, 2002.  Online database? 
Nope.  Internet hacker that wrote a hydra and dropped it in through a
back door on an old PDP-7 and cracked the 1024 bit encryption?  Nope. 
They broke into the office at I-17 and Tbird and stole the laptops.  No
alarms, no roving patrols, no video surveillance, no cable locks, no
security.  Nada, Zip.

Needless to say, HIPAA has recently become a focal point for me.

George Toft