Storage and security: how real is the threat?

Thursday, 12 June 2003, 2:42 PM EST

In a previous column covering the requirements imposed by recent legislation on healthcare data protection and privacy, we documented a few gotchas affecting data storage. The column generated several responses and recommendations, particularly with respect to the dilemma confronting a small New England healthcare provider.

The company in question reported difficulties when seeking to return defective disk drives to their manufacturer for replacement under warranty. According to legal eagles, if the possibility existed for privileged data to remain intact on the media, then the disks could not be passed along to a third party.

The storage administrator in the article suggested several approaches for rectifying the problem, including the erasure of the media using a high power electromagnet. He needed to find a way to render the media unreadable in order to fulfill the privacy requirement while not deliberately damaging the media and nullifying his warranty.

Lawyers found that all of the suggested solutions ran afoul of requirements to test the drives—which were non-functioning in the first place—to ensure that the erasure had succeeded. In the final analysis, it appeared that one side effect of HIPAA was that it had absolved disk drive manufacturers of their warranty obligation to provide free replacements for defective wares.

[ Read more ]


The context-aware security lifecycle and the cloud

Posted on 25 November 2014.  |  Ofer Wolf, CEO at Sentrix, explains the role of the context-aware security lifecycle and illustrates how the cloud is shaping the modern security architecture.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Wed, Nov 26th