>From: "Rod Falanga" <rjfalanga@xxxxxxxxxxxxxx> >Anyway, not that I claim to be any expert concerning HIPPA, but I do >think that the programmer you're referring to, is likely to be >correct. I do not believe that HIPPA would address the form in which >users' passwords are protected (or not). Mainly because HIPPA >addresses patient health records, how they're stored, protected and >transmitted; and a password is not a part of the patient's health. Not true. The privacy rule (which took effect Apr 14th) requires that patient records be kept confidential. The security rule gives a number of guidelines on how to accomplish this. If you were compromised and it turned out that you had failed to properly protect the passwords you could be heavily fined. Chris Berry compjma@xxxxxxxxxxx Systems Administrator JM Associates "Without change, something sleeps inside us, and seldom awakens. The sleeper must awaken." -- Duke Leto Atreides _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus ================================== To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm