HIPAA-Security -- HIPAA Security Rule implementation
About HIPAA-Security	English (USA)
HIPAA-SECURITY is a forum for the discussion of practical and effective approaches to implementation of the Security Rule of the Health Insurance Portability and Accountability Act (HIPAA). Consideration of the HIPAA Privacy Rule that provide a framework or background for the Security Rule are also on-topic. HIPAA-SECURITY aims to provide strong signal to HIPAA implementors. We encourage a wide variety of opinion, but ask authors of articles submitted to the list to be mindful of the need to stay on-topic. (Note to vendors: selling to professionals requires being a professional. If you want a chance to showcase your products or services, you'll earn it by providing thoughtful and valuable commentary, not by posting a clever sales pitch here.) On-topic discussion includes * Approaches for addressing HIPAA Security Rule implementation. * Alignment of HIPAA Security Rule implementation with broader information assurance and risk management objectives. * Discussion of possible interpretations of the Security Rule and their implications. * Considerations of available methodologies with an eye toward understanding what they can and cannot provide the users. Things to avoid: * Questions about very specific technologies without connection to HIPAA Security, e.g., which brand of firewall, intrusion detection system, fireproof safe, or lock is "the best." * Promotion of specific products or services, e.g., "Try our product, it's only $99!" Discussion of products or services by their users is on-topic, and permissible, e.g., "We got an assessment from SO-AND-SO and found it valuable because..." * Virus alerts. Yes, we know, there's a new piece of malware floating around the Internet. Unless there are HIPAA Security specific aspects of the latest malware, it's safe to assume that another forum is a better place to post your article. * Posting in HTML. Use plain text. * Chatter. Think about what you write, and treat it with the same care that you would treat a brief article or letter submitted to an industry journal or newspaper. The HIPAA Security HyperRule (an online version of the actual DHHS rule) and information on Interhack's HIPAA Security services are also available from this site. To see the collection of prior postings to the list, visit the HIPAA-Security Archives. (The current archive is only available to the list members.)
Using HIPAA-Security
To post a message to all the list members, send email to hipaa-security@web.interhack.com. You can subscribe to the list, or change your existing subscription, in the sections below.
Subscribing to HIPAA-Security
Subscribe to HIPAA-Security by filling out the following form. You will be sent email requesting confirmation, to prevent others from gratuitously subscribing you. This is a hidden list, which means that the list of members is available only to the list administrator. Your email address:   Your name (optional):   You may enter a privacy password below. This provides only mild security, but should prevent others from messing with your subscription. Do not use a valuable password as it will occasionally be emailed back to you in cleartext. If you choose not to enter a password, one will be automatically generated for you, and it will be sent to you once you've confirmed your subscription. You can always request a mail-back of your password when you edit your personal options. Once a month, your password will be emailed to you as a reminder. Pick a password:   Reenter password to confirm:   Which language do you prefer to display your messages? English (USA)   Would you like to receive list mail batched in a daily digest? No Yes
HIPAA-Security Subscribers
(The subscribers list is only available to the list administrator.) Enter your admin address and password to visit the subscribers list: Admin address: Password:    To unsubscribe from HIPAA-Security, get a password reminder, or change your subscription options enter your subscription email address: If you leave the field blank, you will be prompted for your email address