[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Dsniff/mailsnarf



> > I've been asked to place a sniffer on a network that handles HIPPA
> > data, and watch for e-mail containing certain strings. I figured that
> > mailsnarf would be the best way to do this.
> >
> Aside from any of hte technical details of this, I'm kind of wondering
> how this fits into HIPPA and it's policies.
>
> I'd be sure that if I were you, I'd have written evidence of someone (a
> boss/supervisor/etc) ordering this kind of behaviour and also my
> objection to sniffing data that might be confidential under HIPPA.

sounds like he's being asked to sniff to make SURE that no one is stupid
enough to email hipaa-covered data out.

C.Y.A. is definitely appropriate.

elijah



Reply to: