Storage and security: how real is the threat?

Thursday, 12 June 2003, 2:42 PM EST

In a previous column covering the requirements imposed by recent legislation on healthcare data protection and privacy, we documented a few gotchas affecting data storage. The column generated several responses and recommendations, particularly with respect to the dilemma confronting a small New England healthcare provider.

The company in question reported difficulties when seeking to return defective disk drives to their manufacturer for replacement under warranty. According to legal eagles, if the possibility existed for privileged data to remain intact on the media, then the disks could not be passed along to a third party.

The storage administrator in the article suggested several approaches for rectifying the problem, including the erasure of the media using a high power electromagnet. He needed to find a way to render the media unreadable in order to fulfill the privacy requirement while not deliberately damaging the media and nullifying his warranty.

Lawyers found that all of the suggested solutions ran afoul of requirements to test the drives—which were non-functioning in the first place—to ensure that the erasure had succeeded. In the final analysis, it appeared that one side effect of HIPAA was that it had absolved disk drive manufacturers of their warranty obligation to provide free replacements for defective wares.

[ Read more ]




Spotlight

Using Hollywood to improve your security program

Posted on 29 July 2014.  |  Tripwire CTO Dwayne Melancon spends a lot of time on airplanes, and ends up watching a lot of movies. Some of his favorite movies are adventures, spy stuff, and cunning heist movies. A lot of these movies provide great lessons that we can apply to information security.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //