[asterisk-biz] NuFone comes through

Matthew Rubenstein email at mattruby.com
Fri Dec 8 11:19:52 MST 2006 

	Security and HIPPA compliance are two related, but different questions.
HIPPA allows private medical data to be communicated across the PSTN
without special protection. The public Internet is not allowed without
extra, compliant security tech.

	So while your points are correct about PSTN insecurity, HIPPA doesn't
take them into account. Since we're discussing HIPPA in this thread, the
distinction is important.


On Fri, 2006-12-08 at 11:07 -0700, Harry McGregor wrote:
> Hi,
> 
> For some reason, everyone freaks out when something touches TCP/IP or
> the internet.
> 
> PSTN is not tamper proof, it's very easy to add a tap to almost anyone's
> house.
> 
> I dealt with a credit card company recently (HSBC) that when you sign up
> for web access to your account (with SSN, billing zip, and card number),
> they insist on mailing you two letters, one with a temporary username,
> and another with a temporary password, to your billing address.
> 
> If you called the number on the back of the card, you could get balance
> info, purchase info, etc, all from the automated voice system.  All you
> needed was the card number, and the billing zip code.  No last 4 of the
> ssn, nothing.  They want to look like they are being secure for
> "internet" banking, but good old bank by phone, well no one really cares
> about that.
> 
> I would far prefer encrypted VoIP, or VoIP on a dedicated Vlan over
> copper interconnects that are easily tapped within a building.
> 
> VoIP telco connects I still not sure about, but even that, if encrypted,
> I can't see it as being any less secure than PSTN connectivity.
> 
>                                               Harry
> 
> 
> Mike Hammett wrote:
> > Well, does HIPPA go into how Verizon, AT&T, Embarq, mom&pop, etc.
> > run\operate their telco?  If your client is passing off to a telephone
> > provider, does it matter what happens from there?
> >
> >
> > ----
> > Mike Hammett
> > Intelligent Computing Solutions
> > http://www.ics-il.com
> 
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
> 
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-biz
-- 

(C) Matthew Rubenstein

More information about the asterisk-biz mailing list