spog
Aug 7, 2004

It's your own bloody fault.

The Electronaut posted:

Yup. Having more email or documents than necessary is a liability.

It's kind of sad that the Information Age has been neutered by the Litigation Age.


lampey
Mar 27, 2012

We might as well cut out stored information entirely and only have in person verbal agreements, wouldn't want to leave a paper trail.

Simpleboo
Oct 19, 2013

Boss calls me at about 8 tonight and says "Hello Simpleboo, I'd like a giant loving security hole in my network that is also against HIPAA regulations." I said no, and that the answer I gave him in conversation earlier today has not changed. "Well this is not going to fix my issue so that will not work." Well I apologize that I will not take on the responsibility of installing and maintaining a vulnerability. :v:

SEKCobra
Feb 28, 2011

Hi
:saddowns: Don't look at my site :saddowns:
Websense filtering: ATEN USB to Serial driver, huh? Obviously this is potentially unwanted software.
Wait you just tried it 10 times, you can have it!
I'd like to believe this is a feature, but I can't.

CitizenKain
May 27, 2001

That was Gary Cooper, asshole.

Nap Ghost

myron cope posted:

So is the idea of a cheap T-mobile "work phone" just that you can turn it off? Reimbursing $50 means they only get to call you at certain hours? I'm just missing the point (not saying there isn't one). I already have a cell phone. If the company I work for then starts paying $50...they expect me to answer 24/7? Where does getting a cheap phone with a separate number make a difference in their expectations? If I have it off, I'm sure the next conversation is "we need you available to answer emails/calls when we email/call you". Is that just the point where you tell them to pound sand?

The thing that is most confusing about this is that the powers that be don't know what they want either. They want people on call, but only a few groups have enough people to have an effective on-call rotation, but anything that really goes pear shaped will involve the groups that aren't on call. So maybe the phones are an attempt to get more people on call.

We are pretty much running into a case where we are actually a big grown-up company, but the C levels like pretending we are actually a smaller company because it looks better on advertisements. This mainly shows in IT stuff, we have no troubles buying the equipment we need, but getting the people to run it is a problem, as asking for manpower is rejected because having lots of people looks bad apparently.

D34THROW
Jan 29, 2012

RETAIL RETAIL LISTEN TO ME BITCH ABOUT RETAIL
:rant:

Simpleboo posted:

Boss calls me at about 8 tonight and says "Hello Simpleboo, I'd like a giant loving security hole in my network that is also against HIPAA regulations." I said no, and that the answer I gave him in conversation earlier today has not changed. "Well this is not going to fix my issue so that will not work." Well I apologize that I will not take on the responsibility of installing and maintaining a vulnerability. :v:

You're just gonna leave us hanging as to what said vulnerability is? :munch:

Dr. Arbitrary
Mar 15, 2006

Bleak Gremlin

D34THROW posted:

You're just gonna leave us hanging as to what said vulnerability is? :munch:

I'm just going to assume it's an automated Twitter account that broadcasts private medical information about patients.

"F. Johnson's Gonorrhea is flaring up again in 408. #CLAP #YOLO"

RFC2324
Jun 7, 2012

http 418

Dr. Arbitrary posted:

I'm just going to assume it's an automated Twitter account that broadcasts private medical information about patients.

"F. Johnson's Gonorrhea is flaring up again in 408. #CLAP #YOLO"

I mean, it's a good way to keep your patients up to date..

@fjohnson it's just your Gonorrhea again #timeforashot #YOLO

Sickening
Jul 16, 2007

Black summer was the best summer.

Simpleboo posted:

Boss calls me at about 8 tonight and says "Hello Simpleboo, I'd like a giant loving security hole in my network that is also against HIPAA regulations." I said no, and that the answer I gave him in conversation earlier today has not changed. "Well this is not going to fix my issue so that will not work." Well I apologize that I will not take on the responsibility of installing and maintaining a vulnerability. :v:

I used to be the same way but honestly, isn't that your boss's decision to make? Are you going to be held personally responsible by law for performing instructions from your boss for HIPAA stuff? Why not send him an email letting him know why you believe it violates HIPAA and then go from there?

I haven't run into issues like that before but I have faced software piracy in the workplace and refused to install unlicensed software. I look back on it and think about how I created conflict when it wasn't my place to do so. I simply should have sent an email letting my boss know that I believed that we weren't licensed for the software and then done what I was told.

It sucks being a decision maker sometimes. It sucks even more when someone who reports to you refuses to do tasks you give them for things that are not their call to make. Again, I am not very versed in the HIPAA stuff so there might be personal legal reasons tied to your actions.

vibur
Apr 23, 2004

Sickening posted:

It sucks being a decision maker sometimes. It sucks even more when someone who reports to you refuses to do tasks you give them for things that are not their call to make. Again, I am not very versed in the HIPAA stuff so there might be personal legal reasons tied to your actions.

That's one thing good I can say about this place. The company is very pushy about ethics. Everything has to be on the up-and-up. So when my boss tried to badger me into violating a Windows license, instead of saying things like 'unlicensed' or 'violation' or even 'illegal', I just said, "That would be highly unethical." That brought an immediate end to it and a born-again willingness to explore other options.

SubjectVerbObject
Jul 27, 2009

vibur posted:

That's one thing good I can say about this place. The company is very pushy about ethics. Everything has to be on the up-and-up. So when my boss tried to badger me into violating a Windows license, instead of saying things like 'unlicensed' or 'violation' or even 'illegal', I just said, "That would be highly unethical." That brought an immediate end to it and a born-again willingness to explore other options.

It's true, the Bible does support Microsoft licensing:

Deuteronomy 17:5
then you shall bring out that man or that woman who has done this evil deed to your gates, that is, the man or the woman, and you shall stone them to death.

Sirotan
Oct 17, 2006

Sirotan is a seal.


Sickening posted:

It sucks being a decision maker sometimes. It sucks even more when someone who reports to you refuses to do tasks you give them for things that are not their call to make. Again, I am not very versed in the HIPAA stuff so there might be personal legal reasons tied to your actions.

Individuals can be fined and/or criminally prosecuted depending on the type of HIPAA violation that is committed so yeah if your boss asks you to do something blatant I wouldn't recommend recording your objections and carrying on with work.

Moey
Oct 22, 2010

I LIKE TO MOVE IT

Sickening posted:

I haven't run into issues like that before but I have faced software piracy in the workplace and refused to install unlicensed software. I look back on it and think about how I created conflict when it wasn't my place to do so. I simply should have sent an email letting my boss know that I believed that we weren't licensed for the software and then done what I was told.

You don't sound like yourself today.

But yes, I agree with that. Start a paper trail of why you think it is pirated and of your boss saying to do it anyway. Might as well cover your own rear end (even though the legal poo poo would hit the company and not you).

Sirotan posted:

Individuals can be fined and/or criminally prosecuted depending on the type of HIPAA violation that is committed so yeah if your boss asks you to do something blatant I wouldn't recommend recording your objections and carrying on with work.

I wonder what would warrant an individual being punished for a violation? How blatant of a gently caress up would it have to be?

Paladine_PSoT
Jan 2, 2010

If you have a problem Yo, I'll solve it

SubjectVerbObject posted:

It's true, the Bible does support Microsoft licensing:

Deuteronomy 17:5
then you shall bring out that man or that woman who has done this evil deed to your gates, that is, the man or the woman, and you shall stone them to death.

that's loving amazing.

Sirotan
Oct 17, 2006

Sirotan is a seal.


Moey posted:

I wonder what would warrant an individual being punished for a violation? How blatant of a gently caress up would it have to be?

Good question. I found the following PDF that kinda outlines what a business needs to do to keep in line with HIPAA: http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/privacysummary.pdf A few minutes of googling didn't really bring me anything more clear. Luckily, our medical department has to deal with all this crap and not me.

But, here is what the DOJ provides regarding who can be penalized for violations:

quote:

Criminal Penalties
In June 2005, the U.S. Department of Justice (DOJ) clarified who can be held criminally liable under HIPAA. Covered entities and specified individuals, as explained below, whom "knowingly" obtain or disclose individually identifiable health information in violation of the Administrative Simplification Regulations face a fine of up to $50,000, as well as imprisonment up to one year. Offenses committed under false pretenses allow penalties to be increased to a $100,000 fine, with up to five years in prison. Finally, offenses committed with the intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain or malicious harm permit fines of $250,000, and imprisonment for up to ten years.

Covered Entity and Specified Individuals
The DOJ concluded that the criminal penalties for a violation of HIPAA are directly applicable to covered entities—including health plans, health care clearinghouses, health care providers who transmit claims in electronic form, and Medicare prescription drug card sponsors. Individuals such as directors, employees, or officers of the covered entity, where the covered entity is not an individual, may also be directly criminally liable under HIPAA in accordance with principles of "corporate criminal liability." Where an individual of a covered entity is not directly liable under HIPAA, they can still be charged with conspiracy or aiding and abetting.

Knowingly
The DOJ interpreted the "knowingly" element of the HIPAA statute for criminal liability as requiring only knowledge of the actions that constitute an offense. Specific knowledge of an action being in violation of the HIPAA statute is not required.

And also gives you this link for further reading (which I didn't): http://www.usdoj.gov/olc/hipaa_final.htm

Sirotan fucked around with this message at 16:03 on Jun 17, 2014

fromoutofnowhere
Mar 19, 2004

Enjoy it while you can.
From working with the D.O.J. and hearing what they go after, I would not recommend allowing any kind of decision to go through if it will violate HIPAA. If you're on the bottom rung of the ladder and someone asks you to do something that will violate it, refuse. DO NOT knowingly violate HIPAA.

meanieface
Mar 27, 2012

During times of universal deceit, telling the truth becomes a revolutionary act.

Moey posted:

I wonder what would warrant an individual being punished for a violation? How blatant of a gently caress up would it have to be?

I asked at work yesterday! The only time someone's been held personally liable, they were willfully trying to violate and share customer info. Simply being negligent would leave blame on the employer.

Pissing me off: myself. I've asked Mr. Meanieface to pack my pump bag the last two days, which also happen to be the first two days of my new job. He's managed to forget something both times. If I had just packed most everything the night before like a grown-up, this wouldn't have happened. :(

Lord Dudeguy
Sep 17, 2006
[Insert good English here]
God help me. Lync 2010 Enterprise Voice just went live at work today for > 50% of our users.

Bob Morales
Aug 18, 2006


Just wear the fucking mask, Bob

I don't care how many people I probably infected with COVID-19 while refusing to wear a mask, my comfort is far more important than the health and safety of everyone around me!

Bob Morales posted:

Told the recruiter that got me this job, and another one I was working with last year that I was looking for something else. I have to stick around here at least another 45 days to finish the Exchange migration though.

I left my old job in April. About 1/3rd of the users still needed to be migrated over to hosted Exchange. I talked to an old co-worker last night, apparently last week they stopped migrating users because "The email package we purchased was not the one _IT_DIRECTOR_ wanted".

So for the last two months they've been paying for both the new hosted email package, and the old spam filter setup (per user) and who knows what the flying gently caress they are doing now.

Varkk
Apr 17, 2004

Sickening posted:

I used to be the same way but honestly, isn't that your boss's decision to make? Are you going to be held personally responsible by law for performing instructions from your boss for HIPAA stuff? Why not send him an email letting him know why you believe it violates HIPAA and then go from there?

'I was just following orders' is not a defense for many things. If it is wrong, especially if it is illegal and you know this, do not do it no matter what your boss says. For some things warning and getting documentary proof would be enough to keep you out of the fire but not all. For contractual things between your company and another it probably is, but when it comes to matters of law it won't be and your documentation may even hurt you. 'You knew it was wrong and did it anyway?' will not look good.

Sickening
Jul 16, 2007

Black summer was the best summer.

Varkk posted:

'I was just following orders' is not a defense for many things. If it is wrong, especially if it is illegal and you know this, do not do it no matter what your boss says. For some things warning and getting documentary proof would be enough to keep you out of the fire but not all. For contractual things between your company and another it probably is, but when it comes to matters of law it won't be and your documentation may even hurt you. 'You knew it was wrong and did it anyway?' will not look good.

I want to believe this but in the world of IT I just don't see it being a reality for the overwhelming majority of things we would realistically be tasked to do. There are going to be some blatant circumstances (child porn etc) but does this really fit in this current scenario? Wouldn't that be the extreme .00000009%?

The context was (this time around) that he was asked to do an action that might make the network insecure in a HIPAA environment. I highly doubt that action is illegal on the person doing it although it might be for the decision maker or the company at large. I am not a HIPAA expert by any means. Just seems like an odd situation to be telling your boss "no" when the decision seems to be primarily his/hers.

I am probably one of the louder voices in this forum telling my boss no for certain things when it pertains to things that directly affect me. I just find myself more likely to suggest things and then ultimately do what is asked when it comes down to decisions that pertain to the company and not just me.

Demonachizer
Aug 7, 2004
This is why you shut up unless you are the HIPAA compliance officer. I deal with HIPAA poo poo all the time and if something seems awry I always kick it to the HIPAA compliance officer to examine and decide. This way I never say something definite about its legality. I do not have specialized training to make determinations and I am not paid nearly enough to.

Also 95% of poo poo that seems like a HIPAA violation probably won't be actioned because the regulations have no teeth. The big penalties and poo poo happen only in cases of gross or negligence, continual non-compliance or willful, malicious acts. The actual IT security side is pretty vague. It isn't as delineated as the various finance laws.

Sickening
Jul 16, 2007

Black summer was the best summer.

John Kruk posted:

This is why you shut up unless you are the HIPAA compliance officer. I deal with HIPAA poo poo all the time and if something seems awry I always kick it to the HIPAA compliance officer to examine and decide. This way I never say something definite about its legality. I do not have specialized training to make determinations and I am not paid nearly enough to.

Also 95% of poo poo that seems like a HIPAA violation probably won't be actioned because the regulations have no teeth. The big penalties and poo poo happen only in cases of gross or negligence, continual non-compliance or willful, malicious acts. The actual IT security side is pretty vague. It isn't as delineated as the various finance laws.

That's more of a situation that I would assume would happen. Make sure the decision makers put their stamp of approval on it and just do it.

dogstile
May 1, 2012

fucking clocks
how do they work?

Volmarias posted:

Or she's not a skinny male engineer and you're a jerk?

If you wouldn't have cared if it was a fat male engineer you're a sexist :colbert:

---------------------------

On an actual serious note, jesus christ how do people go back to work after a long holiday. I just came back from a week of drinking at a festival (literally from the second I woke up till the second I went to bed) and I want to give the finger to every co-worker who makes a joke about me looking tired.

Grumpy after holiday blues I suppose.

RFC2324
Jun 7, 2012

http 418

dogstile posted:

If you wouldn't have cared if it was a fat male engineer you're a sexist :colbert:

---------------------------

On an actual serious note, jesus christ how do people go back to work after a long holiday. I just came back from a week of drinking at a festival (literally from the second I woke up till the second I went to bed) and I want to give the finger to every co-worker who makes a joke about me looking tired.

Grumpy after holiday blues I suppose.

but, you are shaming the poor fats who just can't help the fact that they eat 10k calories a day!

tomapot
Apr 7, 2005
Suppose you're thinkin' about a plate o' shrimp. Suddenly someone'll say, like, plate, or shrimp, or plate o' shrimp out of the blue, no explanation. No point in lookin' for one, either. It's all part of a cosmic unconsciousness.
Oven Wrangler
At a conference and apparently the organizer didn't bribe the right union guy at the Javits so no air conditioning for us.

Inspector_666
Oct 7, 2003

benny with the good hair

tomapot posted:

At a conference and apparently the organizer didn't bribe the right union guy at the Javits so no air conditioning for us.

Holy poo poo that place is going to be a ridiculous hotbox. My condolences.

tomapot
Apr 7, 2005
Suppose you're thinkin' about a plate o' shrimp. Suddenly someone'll say, like, plate, or shrimp, or plate o' shrimp out of the blue, no explanation. No point in lookin' for one, either. It's all part of a cosmic unconsciousness.
Oven Wrangler

Inspector_666 posted:

Holy poo poo that place is going to be a ridiculous hotbox. My condolences.

That big glass facade looks great but holy crap when the morning sun comes blasting through I felt like an ant under a magnifying glass.

AlternateAccount
Apr 25, 2005
FYGM

John Kruk posted:

The actual IT security side is pretty vague.

It's EXTREMELY vague. The whole thing is basically "take appropriate precautions, use good and well thought out practices." That doesn't stop people trying to use HIPAA! COMPLIANCE! SECURITY! constantly to try to bludgeon an argument.

CollegeCop
Jul 11, 2005

You're right. I'm not a real cop. Those are imaginary handcuffs. And in a minute, we'll be going to the make-believe jail.
Took last week off to staff my son's Cub Scout day camp (BSA certified archery instructor). I changed my voicemail greeting to let callers know that I was out of the office, and who to call if they needed help before I returned. Came back to several messages, over half of which were along the lines of, "I need help IMMEDIATELY, call me back TODAY!"

Also found a huge clusterfuck started by my boss (who really knows nothing about computers). The Toughbooks in our cruisers that are used to access driver records, warrants, etc. are managed by the county Sheriff. They are locked down very well, with severely restricted network access and no install permissions. We also need access to the local city police records system. The city records system is supposed to be integrated into the county system "soon", but in the meantime, they have set up a workaround that involves logging onto a secure website and running Citrix XenApp, then logging into the records system.

The problem(s)? The secure website is not whitelisted on the county network. XenApp is not installed on the Toughbooks. We don't have a license for XenApp, and even if we did, no one within our department (including me) has install permissions.

My boss went ahead and pushed the information out to the patrol officers without giving it a second thought. I came back to a pile of "this doesn't work" memos.

Flatulence Jones
May 21, 2012
BigAnt Messenger.

Anyone have experience with this flaming pile of poo poo?

My boss decided to buy it after hearing horror stories about Lync, and I've been tasked with testing and rolling it out.

Adding new users requires the service to be restarted, disconnecting everyone else for up to 30 seconds. And when it comes back they usually receive more errors until the service is restarted a second time.

It also seems to open multiple system tray instances which then fight with each other. This causes the user to get simultaneous "invalid username" and "user is already logged on" messages when signing in.

My only hope is to document these errors and make enough of a fuss to try something else. But I think he's buying the license for real today.

Did I mention they are based in the UK and only have 8am-11am & 8pm-11pm EST support hours? I guess that's ok, because I'll be adding users after hours anyway :negative:

vanity slug
Jul 20, 2010

I don't get the Lync hatred.

Thanks Ants
May 21, 2004

#essereFerrari


How the gently caress do you look at Lync which costs £1.30/user/month hosted and decide that an app that resembles MSN Messenger from 2004 is the superior choice?

Flatulence Jones
May 21, 2012
I don't know man, I'm just the janitor here. We had a 30 day trial and he just committed and bought it, gave a deadline, and off we go.

Ynglaur
Oct 9, 2013

The Malta Conference, anyone?
If you can't use Lync, try Google Talk, or Jabber/XMPP, or even IRC. Why on earth would you want to use some no-name service? Even that chat program with Lotus is probably better. (Actually, it probably isn't. gently caress Lotus.)

Moey
Oct 22, 2010

I LIKE TO MOVE IT

Flatulence Jones posted:

BigAnt Messenger.

What kind of feature set are you requiring?

I rolled an openfire server here and deployed out Spark to the workstations. Works for basic chat.

Flatulence Jones
May 21, 2012

Moey posted:

What kind of feature set are you requiring?

I rolled an openfire server here and deployed out Spark to the workstations. Works for basic chat.

Basic chat is all that is really needed. I could try to make the case for something else, but it wouldn't do anything. I remember my boss saying something about OpenFire but something turned him off of it. Basically this piece of poo poo is what's going in and it's up to me and my coworkers to support it for the next X years. Gotta love IT.

A c E
Jun 18, 2007

Is this weird? Is this too weird? Do you need to sit down?

Flatulence Jones posted:

Basic chat is all that is really needed. I could try to make the case for something else, but it wouldn't do anything. I remember my boss saying something about OpenFire but something turned him off of it. Basically this piece of poo poo is what's going in and it's up to me and my coworkers to support it for the next X years. Gotta love IT.

That's too bad. We roll with openfire too and it's fairly nice. Ties into AD too.

I don't like the Spark client but you can use any XMPP client with it.

Sickening
Jul 16, 2007

Black summer was the best summer.

A c E posted:

That's too bad. We roll with openfire too and it's fairly nice. Ties into AD too.

I don't like the Spark client but you can use any XMPP client with it.

The last place I was at we ran openfire for a while. It did however poo poo the bed out of random and I really didn't like not having a support number to call. A scary situation to be in for an app your users grow to depend on.


Wibla
Feb 16, 2011

OpenFire can be tamed, but needs some tuning and a fair amount of RAM. We use it with ~600 registered users and roughly 160-250 users at any one time without much fuss.
