On Thu, Nov 19, 2015 at 09:01:47AM -0600, Merlin Moncure wrote:
> It's quite a stretch to assume that HIPAA applies to internal garbage
> collection minutia.
It, of course, does.
Which is why applying your suggestion ...
> A much better way to look at compliance is to encrypt all sensitive
> details and, when the customer relationship is gone, delete the key.
... is necessary.
Karsten
--
GPG key ID E4071346 @ eu.pool.sks-keyservers.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346