
HIPAA Revisited (Reviving old thread 181-481897)


evalesthy

Programmer
Oct 27, 2000
513
US
Probably a year has gone by and I wanted to see how others had addressed HIPAA issues with Access databases.

Issues have included: Strong Passwords, Audit Trails, ScreenBlocking or Automatic Logoff, Login Monitoring & user access control, Encryption of data.

What have you attempted to do within Access, and what have you presumed is better (and sufficiently) addressed outside of Access? (E.g., is Network Logon sufficient security?)

What about protecting mdb or mde files in a split database circumstance?

This can get pretty long-winded - maybe a thread for each issue would be appropriate. Anyone else have thoughts on this?
 
I'll bump this up one time given that I posted over the weekend and maybe it got limited viewing before sliding down the list.
 
I think that given how easy it is to get through the access security, efforts to include an mdw would be time wasted.

Given that, have you ever been contacted by HIPAA? Have you ever heard of anyone getting infractions for breaking rules?

I think on the small database size, which is what Access is, you don't have to worry too much about HIPAA.

Put the workload on the network and the security of the office.

Make strong passwords on the network, get a firewall, make the screen time out to a screen saver to prevent people who pass by from viewing data. These efforts will greatly improve many areas that need to be secured within the computer system, rather than just focusing on the Access database. Because HIPAA has been so vague, you could apply the view that network security also applies to Access security, which it does.

Mark P.
Providing Low Cost Powerful Point of Sale Solutions.
 
Thanks for the response.

Within our applications we have implemented the following:
1. Screen timeouts
2. Failed Login Attempts
3. 'Strong' password (Upper case, lower case, special characters) that is at db level (in addition to network logon)
4. Areas of database (forms/reports) restricted based on users group

However, we have not implemented:
1. Encryption of data
2. Audit Trail
3. (what else have I failed to address?)

So, I was curious what others have done. Also, given Access' inherent limitations, does it preclude its use in many HIPAA environments?
 
I think that as long as you have secured the network, what's inside it is considered secure. If Access really wasn't already precluded, there would be a ton of commercial programs out there that need a lot of revamping.

Also, there are several applications that use files you can open up and read, that aren't Access based. And they have passed HIPAA, or the EDI rules.

2. There is an Access Audit trail. You can look it up. I've seen it, something Microsoft wrote a while ago.

1. Once again, if your network is encrypted, so is your data.

I'm not an authority on the matter though, I just call it like I see it. I've read a bit about it... not very extensively though.

Mark P.
Providing Low Cost Powerful Point of Sale Solutions.
 