SwainIT 0 Posted February 14, 2017 Share Posted February 14, 2017 I am a software developer with a small county government. I also cover end user support at our 50 person Social Services. DSS utilizes a State of North Carolina website, NC Fast to submit and store HIPPA data as related to DSS cases. I have some concerns about the forced use of Google Chrome as the only interface to NC Fast and data mining in general as related to HIPPA. Our county strictly prohibits any so-called cloud data. We take our HIPPA oaths seriously. We do not even allow public facing access, except for OWA. All of my sites are hosted by vendors including my GIS site. This solution costs more but security is solid. Being a 3 man IT shop, we are general practitioners, not specialists in security. 1. HIPPA prohibits unauthorized "USE" or "SHARE" of PII, Personal Identifiable Information. 2. Google Chrome EULA states they "USE" and "SHARE" end user data in exchange for using their spyware. Also, Google Chrome has a long history of repeatedly violating end user privacy. 3. Recent versions of Windows contain data mining features that collect and transmit end user workflows and data. A. Does use of data mining software/OS violate HIPPA? B. Which browser best protects end user data? C. Is it possible to block Windows outbound ports to inhibit unauthorized access to HIPPA data? Which ports and are they fixed or dynamic ports? I contacted the main HIPPA office in Atlanta. They have no enforcement powers. I contacted the main NC security officer. Google Chrome is assumed to be "secure" It seems to me that putting Chrome in charge of HIPPA data security is the moral equivalent of putting pedophiles in charge of Children Protective Services, CPS. Am I wrong? How do we secure HIPPA data from unauthorized access? Regards, Kurt Link to comment Share on other sites More sharing options...
ESET Staff Gonzalo Alvarez 66 Posted February 14, 2017 ESET Staff Share Posted February 14, 2017 Hi @SwainIT I think I'm not the right person or with the knowledge to answer your case/questions, in the level you require, however I have to admit was a very interesting reading. Link to comment Share on other sites More sharing options...
itman 1,659 Posted February 14, 2017 Share Posted February 14, 2017 Interesting article about "data masking" here: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3839961/ Link to comment Share on other sites More sharing options...
SwainIT 0 Posted February 15, 2017 Author Share Posted February 15, 2017 Thanks for that link, itman. Link to comment Share on other sites More sharing options...
Recommended Posts