HIPAA and Network Security

13 09 2007

A friend of mine, who used to work for a company that’s contracted to the state of Wisconsin for its Medicare/Medicaid program, worked more specifically with HIPAA. I asked him this:

I’ve got a question for you… do you have, or know where I might find, information about HIPAA in regards to network security? For instance, companies’ legal responsibilities for keeping electronic data secure?

His response:

That’s a hell of a loaded question. HIPAA actually has very few specifics about what is required for network security, but instead is written vaguely enough that everyone is keeping on their toes. It was enacted back in ’96 so anything they wrote into it is already 11 years old. It’s far from being as simple as “and every entity must have a XXXX type firewall system”… It’s really more like “everyone must do what is necessary to keep the information secure”.

Overall, it affects any covered entity that works with health data: hospitals, other health care providers, health/pharmaceutical insurance companies, state health programs (i.e. medicaid) etc. All of these need to have a privacy/security plan in place. Also, a LOT of the network security aspect of this is paperwork. When one of the above entities has someone else working for them (like EDS for WI Medicaid), they need to have a business associate agreement or agent subcontractor agreement in place. This forces the subcontractor to follow the rules of the covered entity. And there’s a trickle down effect as well: when the subcontractor has another subcontractor working for them (like when UGS worked for EDS) there’s another agent subcontractor agreement in place between them. Also, for things like web portals or other remote systems, there are user agreements in place for each user to protect against the dissemination of the data to persons not needing to see it. And user accounts should always follow the “minimum necessary” rule which says that any user should only have access to exactly what they need to accomplish the job and nothing more.

So a security administrator for a company that handles medical records needs to be aware of the nebulous regulations set up by the federal and state governments. Not only do they need to design a security system that will keep information secure, but they need to keep the “minimum necessary” rule in mind, too. It’s a tight rope to walk in ever changing conditions.

He also provided these links:

Wikipedia has a good article (see the “security rule” section):

The official government site:

Another good government site (more security heavy):

And a good Wisconsin based org that pretty much sets the industry standard for this sort of thing in the state, HIPAA Cow:


4 Features iTunes Should Have By Now

11 09 2007

I use iTunes as my music player, and it suits my needs well enough. It’s by far not my ideal music player, but I like it more than any other options I’ve tried.

Except one.

Amarok is much better than iTunes. I like it a lot more, and I wish so much that I could use it all the time. The only problem is that Amarok is currently only available for Linux. It’s a great application, and is often cited as one of the biggest reasons to switch to Linux.

Amarok has a few very awesome features that, quite frankly, I’m surprised haven’t been implemented by now in iTunes.

In no particular order:

Built-in lyric display. Amarok has a tab on the side of the window called “Context”. One of the features on this tab is to display the lyrics of the current song. Shouldn’t this feature be a staple of every media player? Instead of going through Google to find the lyrics for a song, you can just open the Context tab and voila!
Built-in display of artist’s Wikipedia article. Also located in the Context tab, this handy little feature lets you read up on the currently playing artist. It also supports hyperlinks so you can click links to the band’s specific albums, songs, related artists, etc. and after a few songs wonder how you ended up on the article for Lesbianism in Erotica.
Automatic scoring of tracks. I’m pretty sure it’s called “Score”, but I’m not entirely sure – I haven’t used Amarok in a while. (I know!) In addition to having ratings that you manually input, Amarok keeps score of the tracks that are played. If I remember correctly, it bases the score (out of 100) on how many times the track has been played compared to the Most Played Track. If the song plays all the way through, it counts more than if you’d skipped it in the middle of playback. This is totally automatic, and gives you one more dimension for creating dynamic playlists.
More precise ratings system. Amarok allows you to rate songs with half stars. So instead of just choosing between 0, 1, 2, 3, 4, and 5 as in iTunes, Amarok allows you to give a song 0, 0.5, 1, 1.5, etc. stars for a more precise appraisal of your music.

These four features would be at least as useful as the Album Ratings Apple put into the 7.4 version of iTunes recently. Don’t get me wrong; Album Ratings is cool – except for the fact that you apparently can’t remove an album rating completely – but these four features give you much more control over your music, and give you a richer experience.

Halloween (2007)

11 09 2007

A couple weeks ago, I went down to see Rob Zombie’s remake of Halloween with my sister and her husband.

It was good.

I don’t think it’s appropriate to directly compare Rob’s film with the original, because as I’m sure you’ve heard 842.344 times by now, Rob Zombie’s film is not a remake – it’s a reimagining.

John Carpenter’s Halloween is a classic horror movie, and (in my opinion) the best of all slasher flicks. It created the genre. It’s the reason we even have movies like Friday the 13th and A Nightmare on Elm Street. We don’t need to get into the history of the horror movie genre.

In the original, the only kind of backstory we get is Michael killing his sister while their parents are gone. We don’t know why or what possessed him to do it. It just happens, and Michael is sent to the loony bin. He breaks out, and goes on a killing spree. Let’s be honest – the film was pretty light on plot.

In Rob’s film, we get to see what kind of situation Michael lives in at home. There’s abuse around every turn, from his (step?)father, sister, kids at school, etc. In the loony bin, we get to see Dr. Loomis (Malcolm McDowell) try to help Michael… I don’t want to get into the details of the film. There’s much more of a story, and it makes you believe the Michael Myers character a lot more. It makes him seem much more real than in the original, where there were hints and inklings that Michael might be a little more than human. The psychology behind Michael’s character was sound and realistic as well; my brother-in-law has a Master’s Degree in Psychology, and he said as much.

Plus there’s gratuitous frontal nudity. Couldn’t have a slasher flick without it!

Overall it’s a good film and worth the price of admission.

I should also mention that before the movie, we saw a trailer for The Mist. I’m so fucking psyched about this movie!! The Mist is a movie based on a Stephen King story, being made by Frank Darabont, the guy who made The Shawshank Redemption and The Green Mile.

“The Mist” is probably my favorite King story. It’s a contemporary Lovecraftian story about a group of people that get trapped in a grocery story when the eponymous mist rolls in after a nasty summer storm. There are… things… in the Mist, and the story explores the interaction between the people in the store, and how they react and interact under the severe stress of their environment.

This movie has been trying to get made for many years, and finally it’s almost here!

She’s not a baby any more.

5 09 2007

Today is Willow’s first full day of Kindergarten. Her first full day going alone. Right at this moment, 8:21 am, she should be sitting on the bus, making her way to school. There are some other kids that live in our apartment building/complex that she knows, and who are a year or few older than she, so she can follow their lead. I just hope she doesn’t freak out and start to panic. I think she’ll be alright though.

I’m probably more worried than she is. This is such a big day for her. I thought about taking the morning off, or at least come in an hour late or something, but I figured it would probably be best if we made the day as normal and routine as possible. I’ll call Lindsey in a little while and see how she did. I’m not too worried about Willow catching the bus after school; I’m sure they’ll have teachers out there to help the new kids. We’ve tried to make sure that Willow understands that if she gets lost or scared, that she can ask a teacher for help.

Once she gets used to it, time will fly by, and next thing we know, Ari will be going off to Kindergarten. Then we’ll have graduations. And college.


Almost there….

27 08 2007

This school term is almost over. Thank the heavens.

This term has been the hardest so far. The two classes I’ve had, Speech and Linux Administration, were each incredibly demanding. I really wish I’d had these classes separately, especially the Linux class. I’ve really enjoyed it so far, but being paired up with Speech, I wasn’t able to devote as much time and attention to it as I would have liked. I’ve learned a lot of cool things you can do in Linux, and I feel a LOT more comfortable using it.

For my final project, I’ve set up a blog and chat server. Aside from a few anomalous roadblocks, the installations went very smoothly. It wouldn’t be much at all to set up a chat or blog server for our company, I don’t think. It certainly wouldn’t cost a ton of money, especially if you use existing hardware.

I used WordPress for the blogging, and 123flashchat for the IM.

WordPress took a little bit of configuration, but even so, it was very simple and straightforward. There’s very good documentation on the WordPress site, and via Google.

123flashchat was even easier. I just downloaded the server media, unzipped it, and that was it. There was no configuration at all. I was having trouble with it for a while – I couldn’t access the chat interface from a client computer. I tried tweaking IP addresses, subnets, and gateways, but nothing I tried worked. Then I finally realized that the firewall on the server was still on. chkconfig iptables off and service iptables stop did the trick.

Now I just have to show my teacher that the blog and chat servers work, and that will be that. From what I’ve learned doing this, I might see if I can set up a chat server for use here at work, so we don’t have to go through GTalk or other 3rd party services.

This marks the end of my third semester at Herzing. I’m 1/3 of the way through the Bachelor Degree. Next semester I only have two classes, one per term. Which means no online class. Next semester shouldn’t be nearly so hellish.

They’re giant robots, for f*!k sake!

27 07 2007

I’ve read a couple reviews of the Transformers movie, in which the writer complained about the flat, two-dimensional characters and the lack of plot. If you saw Transformers, and were disappointed in the plot and character development, let me ask you something…

Are you fucking serious? Did you maybe go into the wrong theater?

It’s a movie about giant, sentient, shape-shifting robots from outer space. The story is twenty years old and based on a series of children’s toys. What do you expect?

Personally, I thought the movie was great. But then, I went into the theater expecting there to not be much of a plot or character development. And I didn’t care. I paid eighteen dollars (my wife and I) to see giant robots fight each other. I got exactly what I went for. Plus a little extra eye candy in the form of Megan Fox. Perhaps even more sexy, however, was Rachael Taylor (the one on the left). Sexy + geeky = super-ultra-mega hot!

I digress.

The movie was fun. There was humor, even poking fun at itself – like when Mikaela asked Sam if she seemed shallow, Sam said there was more to her than meets the eye. I got a good chuckle out of that.

The point in all this is that you can’t look too deeply into Transformers. When you watch it, let your brain relax. Just go with the flow and enjoy the ride.

Supergiant Star Spews Molecules Needed for Life

24 07 2007

Astronomers Discover Supergiant Star Spews Molecules Needed for Life from PhysOrg.com

University of Arizona astronomers who are probing the oxygen-rich environment around a supergiant star with one of the world’s most sensitive radio telescopes have discovered a score of molecules that include compounds needed for life.

[read more here…]