[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 11/09/2016 23:26, mr meowski wrote: > On 11/09/16 20:53, Joseph Bennie wrote: > > Hi Joseph, thanks for your reply! > >> boom! your seriously paranoid. > > Yep, that's 100% established around here :] shoulder-surf you on the 37 bus to Wandsworth! You're welcome Professor!" ...... > > Yes, this was/is quite a mess frankly, and far from ideal but it is what > it is. Mercifully, by definition most medical staff/students are pretty > smart and will try to do the best they can and us IT bods did our level > best to support them to that end. It helps that some things are so > clearly defined it's almost impossible to get them wrong, and here I'm > directly addressing the "just back it up to iCloud/Dropbox" replies from > both of you. I will be as clear as I can why that was profoundly bad advice: > > Storing DPA-d medical data unencrypted on a third party cloud service IS > FLAT-OUT *ILLEGAL*. YOU *CAN* BE FIRED. YOU *COULD* BE PROSECUTED. > > If you encrypt first, you're fine. Hence why a local encrypted > TimeMachine copy - then synced to a cloud service, that would be > absolutely fine - is preferable in every way. > Dear folks, 20160912 To Mr Meow ski and all others. Thanks. I learned a lot from reading this about macs. To calm Mr Meow ski, I have always recommended encrypted hard discs. Thanks for identifying the mac encryption systems. Also, from my son who stated she should carry her mac-book air even to the counter when in a cafe or going to lavatory in library. Due to prevalence of theft, as these do not have T bar locks, albeit other solutions exist. It seems some in his university lock their mac-books to the table legs even in library (they disappear when folk go to lavatory, or turn to chat!) Disclosure: as I work in military and commercially sensitive areas; MOD/(??) /nuclear clear up/ etc. I am used to having all highly classified stuff*** 'in -transit' documents sent by very-secure-courier between folk with air gapped systems [Risk there is kidnapping of courier.]. No internet connections. No electronic copies etc. what is transferred is scanned into computers inside the air gapped 'cells'. No USB keys or smart phones, but failure point is lack of a 'thorough' physical search on entry / leaving every time! As I live in Culcheth, home of BNFL, you may guess the background. *** Less than 5% of total data is highly rated. Funnily enough, we produce less paper in these cells than in normal high confidential set ups with 'secure' internet active to chemical/serious hazard companies. NHS. In this area, the card log ons are 'transferred from staff to staff' due to one hour/two hour locums etc. with no permanent access card log ons so they borrow the resident staff ones! (Tend to be left in active machines on ward.) DPA may make rules etc. but obedience is the problem. [Carrying UK medico personal laptops to conferences in USA when USA customs can search ,demand encryption keys etc. is a problem.] Again, thank for introducing me to Hackintosh machines. -- regards Eion MacDonald -- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq