People say to me go look for it and I can only see the absurd of proprietary software that they use, such windows, Microsoft word, outlook etc.

These are all spyware, talking to a health care professionals is talking with Microsoft too.

  • 2501@lemmy.ml
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    1
    ·
    9 months ago

    This. HIPAA laws in the US are strict and well enforced for enterprise.

    • BearOfaTime
      link
      fedilink
      arrow-up
      13
      arrow-down
      4
      ·
      edit-2
      9 months ago

      Sadly HIPAA doesn’t do a great job, but it’s part of the bigger picture.

      Honestly, large hospitals don’t do a great job with IT security, and smaller operations are even worse.

      It’s not the MS spying part (which doesn’t happen in enterprise, because networks are managed) that’s the biggest concern, it’s the overall data management, security policy, encryption non-enforcement, and plain old poorly educated/trained users who are so susceptible to phishing attacks.

      Add that most people think those of us who are security minded are paranoid, and put barriers in their way for no good reason.

      Perfect combination of risk.

      I’ve seen small business management wire $1mil to a criminal because they didn’t follow company protocol.

      These are the same management types you’ll find at any company that isn’t enterprise-level.

      Edit: you’ll find these types in enterprise too, but corp policy/procedure/process prevents them from fowling things up as easily, and they get trained on proper procedure or get pushed out, eventually.