Back Me Up on this?

PcTek9

When you are considering backing up a company, there are many things you need to understand that vary from state to state and country to country.
In the USA, federal laws and acts such as:

Gramm-Leach-Bliley Act, HIPAA, HITECH Act, Sarbanes-Oxley, Sarbanes-Oxley II, Securities and Exchange Commission, and National Association of Securities Dealers.

Even older laws such as the Computer Security Act of 1984 would be worth mentioning.

SEC requires that if one of your clients is doing millions of dollars in business that they MUST pay for an offsite backup. Acts such as HIPAA protect patient data, while Sarbanes-Oxley requires data confidentiality but availability to auditors.
 
Is there a question? Or is this a statement?

If you're gonna hike your leg on a post, I would suggest you don't do it on one posted by PcTek9.

The shhhhhstuff this guy throws out is many a bookmark for me. I can't wait to read his next useless post.

example: the "camera" post he put up about a week ago. There is no way I could care less about a freaking CCTV post, yet I read every word of it...TWICE!!! Made me wanna go install a system that day, b'cause I thought I knew how...:D

...goss
 
You don't need to be compliant with any of that, but you better not advertise you are. Your customer is the one who needs to be compliant, unless your business also falls into a regulated area, like, oh, say, PCI because you take credit cards.
 
HIPAA is a big one...after I left the finance business, I did contract collections for an ambulance service...HIPAA is like being in the mob, nobody speaks about La Cosa Nostra. Same thing with the privacy act concerning financial matters. If I called to speak to a customer, and the person on the phone asked who I was with, I could not even mention the name of my business.

...goss
 
If you're gonna hike your leg on a post, I would suggest you don't do it on one posted by PcTek9.

WTF are you talking about? I didn't say anything wrong or act like it was a bad post. My question was sincere. Maybe you need to step down from your mule and take a look around.
 
I don't know what everyone else's problem is. I understood exactly what was trying to be relayed here. When offering/discussing backup solutions with larger clients you must be aware of all the regulations and laws so you can offer the correct services. With that in mind you can check out

http://www.usg.edu/infosec/policy_management/guidelines/relevant/

By no means is that a complete list of all, but it does have a good summary of a few.

PS - this is a forum, not a technibbles blog page, we are members not authors, this is not a professional newspaper. Most of the time people just share what they think could be useful to others, so those that don't contribute new and useful information should remember that before insulting or attacking a post.
 
There have been several posts about adding business clients and getting out of the "res only" work.

What if the first "business" they acquire is a law firm, or privately owned eye clinic or something? Just because the eye clinic is in business doesn't mean they know or understand what they NEED to be doing as far as data backup.

Just because we work on computers doesn't mean that's all we need to do (or know). The more you know about "what they must do", the more of an asset you become.


...goss
 
There have been several posts about adding business clients and getting out of the "res only" work.

What if the first "business" they acquire is a law firm, or privately owned eye clinic or something? Just because the eye clinic is in business doesn't mean they know or understand what they NEED to be doing as far as data backup.

Just because we work on computers doesn't mean that's all we need to do (or know). The more you know about "what they must do", the more of an asset you become.


...goss

Well said filler filler filler
 
you don't need to be compliant with any of that, but you better not advertise you are. Your customer is the one who needs to be compliant, ...

This is a good point. Both medical practices that I support had me sign a HIPAA confidentiality type form because they needed to have it on file because I have access to the data.

It's like a W-9. The customer has to request it.

That being said, I did/do work with both practices on their data security compliance. Then some "experts" verified we had everything in place and made some suggestions.
 