Tag: tsa

HIPAA and other things that go bump in the night…

HIPAA and other things that go bump in the night…

hipaa-compliant.png

(HIPAA) Health Insurance Portability and Accountability Act

Being and IT guy for the last 35 years, I am no stranger to HIPAA, SOX, FISMA, and many other regulations from the government, including the federal mandates as to how this is to be accomplished.

While HIPAA is designed to protect your privacy, I wonder if that is how it is actually being used.

From a DR (disaster recovery) standpoint, your data must be backed up and off site. Your data must be recoverable; meaning that you have successfully tested the process on a regular basis.

cloud-technology.jpg

The easiest way to do this is with CLOUD technology but, I am here to tell you that the hackers attack the cloud… If you’re data, and my data, and your competitors, is in some nebulous storage arrays out there in some data center…that is a central target for the bad guy…

You must have written policies and procedures regarding same… This would be part of your DR plan, run book; or even your living document that is your DR plan.

SOX-Sarbanes-Oxley.jpg

SOX or Sarbanes Oxley is another set of rules that apply to all publicly traded companies that share many of the same tenants of a good DR plan.  E-mails must be stored and retrievable in the event the government wants to see them.  Stored off-site and recoverable…

506408.PNG

The government, for the government’s own use, has stricter policies and procedures which I wrote about some time back when the Hillary e-mail fiasco came to light…  That is why this whole e-mail scandal is laughable as there is no possible way that those e-mails should have been lost, just like there is no way that she should have had a server of her own, dealing with Top Secret Classified e-mails.  Why she is already not wearing orange, and living in Club Cupcake Penitentiary, is a testament to the corrupt policies and procedures that our wonderful government seems to enjoy for the rich and famous or in this case the political elites.

Calling and talking with any of the folks at your insurance carrier, you are told that your call may be recorded and monitored for security and training purposes…  Now please tell me how this does not violate HIPAA?

 

When visiting your doctors you had to sign a release, basically nullifying HIPAA so they, the office staff or doctors can talk about your case, health or anything that is needed to whomever that they have to deal with to get paid.  Again, how is this not a violation of HIPAA?  Working behind the scenes at these places I have heard many cases talked about from end stage renal disease, to genital warts complete with names. I was once working in a plastic surgeons office where his desk was littered with open pictures of nude women with before and after breast augmentation etc etc.   This stuff should have been put up before I was ever allowed into his office.

surveillance.jpg

The simple facts are, that we are living in an age of no-privacy; either expressed or implied.  The idea of HIPAA is great but, like the thousands of pages of tax code, it is virtually meaningless after the lawyers get through with it.  It’s like living in Chicago with all sorts of police vehicles, and one cop who lives at the donut shop.  There is the illusion of security, but it simply does not exists.

The airport is another place where you have no privacy but, still the TSA misses about 95% of the threats that their agents try to smuggle through, while testing their efficiency. 

New-Republic-TSA-naked-scanner-cover.jpg

While we parade through scanners that strip us naked, and expose us to ionizing radiation, they still miss 95%…! How the hell is that possible?!

3-Waiting-Room.jpg

While in the waiting room the other day I could hear the office staff talking about patients and their treatment options… That was not bad enough… One of the ladies at the reception desk was calling patients who owed them money between greeting people, taking credit card info… Yep, she read back the guy’s number complete, the billing zip code and expiration where everyone could hear it.  I take credit cards and I thought to myself… you did not get the CVV code… A few minutes later she called him back to get that…. And repeated it to where anyone in the waiting room could have heard.

download (10).jpg

While I have since written a letter to my Doctor…it does not end here…

0043.jpg

This same doctor prescribed some meds that I went to CVS to pick up…  While in line, the cashier, after getting your name and date of birth, grabs the meds off the shelf, and tells you what they are so everyone in line and the immediate area can hear.

Name and DOB are nobody’s business and certainly what you are buying is nobody’s business…

While I may be over sensitive to this, I don’t really think so…

Either we have HIPAA or we don’t.  Either we follow the rules and policies set forth…or we don’t.

The illusions of security is not enough.  The illusion of privacy is not enough.  Collecting everyone’s Meta data without warrant, is wrong on many levels.

We need to look at and re-vamp all of these policies as we have given up so much of our privacy for the sake of laziness on the part of the employees.

Instead of me telling the lady behind the counter she should ask me to see my ID verifying who I am and my DOB without saying it aloud.  After she pulls my meds she can show me what they are without voicing them… Simple policy changes prevent unauthorized or in this case nosey people in line getting into your business.

There are simple answers for all of these things but one simply has to think… We are too damned lazy to think…

-Best

© Copyright 2015 All Rights Reserved

 

To Lock or not to Lock

Image

This is not the first time that I have written about air travel.

On a recent trip the bags went one way, and the passenger another.  Now if you tried to do this deliberately, you could not orchestrate it but; trying to keep the bag and passenger on the same plane is proving more and more difficult.

The bag finally was returned a week later, and after many phone calls to several different airport personnel who did not have a clue or care. It was almost as if, “hey you are bothering me, I am just here to draw a check, not actually do something!”  I was going to say I may be exaggerating a little but actually no; not at all.  This was the attitude! When asked for her name she would not give it.  Hmmmmm…  And we wonder why the airlines have to cut services, charge more for the services that they still do have, and are still going broke.  Get rid of the dead weight airline people!  Grow a pair!

Usually; when my bag has been rifled through, looking for god knows what; there is a lovely piece of paper in it telling me that it was searched.  “Like I need a piece of paper telling me that my once neatly folded clothes, now appearing as if some gorilla had worn them for a week was not clue enough.”  Still, some notification of who did this would be nice.  On a recent trip the bag was searched, the lock went missing and there was no piece of paper.  Can we no longer afford the paper or did somebody else go through the bag?

These locks are not cheap and for my money not very secure either; as we have no idea who all has the magic “TSA Key”.  I am guessing that there are more than a few baggage handlers who have them in their possession.  So where are all of the missing locks?  A quick look on eBay and I found several “lots of airline TSA approved locks all set to 0.”

I wonder if the seller either works for the TSA, or has family or friends that do, surely not, they surely would not be that stupid.

Here is another issue with this.  I realize that this puts me out there with the conspiracy folks but what if someone wanted to use your luggage to smuggle something out of the country or state, or into the country?   If the luggage (with the payload) makes it through, it then is simply intercepted at the other end. You file a missing bag claim and nothing happens as nobody gives a damn anyway.  You chalk it up to the lousy airline, buy new stuff and write a blog about how crappy the airline is.  But what if the TSA actually doing there job while trying on your clothes, finds the “payload.”  Then they get all puffed up thinking they have found the “bust of the year, their name will be in all of the papers and they will be a hero to women and children alike!  Wheaties will even want to put their picture on a box and they will get money for their likeness being used!” Well, maybe not, maybe then just a simple promotion for doing their job.  Meanwhile; you get arrested and have to explain “the payload.”  Like who would be stupid enough to put something illegal in their own bag.  Well, some idiots do and thank goodness that they do or there would be nothing for the “locked up abroad” folks to write about.   I digress.  Think about it though. Because your luggage is now “unsecure” what if?  Do you realize that in a lot of countries you are not presumed innocent, until proven otherwise?

While the TSA is doing an excellent job of feeling up old ladies and small children, and of course looking at everyone’s “rude bits,” I would be a whole lot happier if they would secure my luggage with cameras, people and of course honest TSA agents.

My advice for now, use a carry-on if you can. Consider shipping your luggage via USPS or UPS or even FED-EX as even that would be cheaper than trying to prove to someone in Bora-Bora, that the drugs or money or what have you in your bag, are not yours.

Failing that, save some money, Use a cable tie to lock your bag.  It is too much trouble for the average baggage handler to cut off, and if the TSA wants in there, they can cut off a lock, they can certainly handle a zip tie.  Put a few extra in your carry on, purse or wallet for the rest of the trip and leave nothing of value in your bag.  Realizing that some Blue Jeans can sell for over $200 a pair (you know the ones with holes in them,) you may want to wear them.  Besides, if they have enough holes, the TSA will have less to grope!

It seems a sad state of affairs when the people who are providing a service think that it is ok to steal from you.  It is equally sad that Americans and for that matter anyone that travels by air; is forced to submit to this treatment.  A major news outlet actually did something that was not politically motivated by taking part in apprehending two TSA agents who on two separate occasions absconded with two different iPads. You would think that in this day and age of cameras everywhere, that the airport folks could put some security in the areas where people’s bags are.  Now that we know what is in everyone’s underwear, how about turning the cameras on the fox’s watching the hen house?

-Best to you and those that you care about!