On Thu, 8 Jan 2004, der.hans wrote:
> This isn't HIPAA compliant. HIPAA regs require keeping data secure and
> private. Having a vendor with free reign to access the data isn't keeping it
> secure or private.
>
> HIPAA deals with medical info. Do you really want *any* 3rd party to be able
> to wander in and look at your medical information? Sure, the 3rd party might
> not be looking for your data, but m$ can make copies of the data for
> scrutiny. Who knows what happens once that data leaves the doctor's office.

Just a clarification here - HIPAA only applies to covered entities such as
insurance companies, healthcare providers, doctors, hospitals, etc.  If
you're not one of the aforementioned, you are not required to be HIPAA
compliant.