Nihl

Are you really a Dapper Dan man?

That is good news! It should have been done way earlier though

Yet other industries are saddled with yearly audits by several different agencies. We spend an inordinate amount of manpower on audits alone, it consumes probably 2 months out of every year.

Granted, our audits aren't just looking at customer data security but it's a big part of it. Kind of crazy that all the same info is sitting on some small doc's WEP encrypted wifi network just down the street

Just wanted to add I work in IT in a heavily regulated industry, we can't sneeze on our computers without going through a risk assessment.

On the other hand my dad used to work in a doctor's office and needed help getting their wireless printer to work so I go by to help. I see right away the entire office is connected via a WEP secured wifi network. I sent the Dr a nicely worded email that if this was my office I would go to a traditional wired network or at least use WPA2. I explained that any kid sitting in the parking lot could get into the network in about 5 minutes........she thanked me and never did a thing about it.

I even mentioned if HIPAA ever audited her place that would be a pretty big issue to them, problem is HIPAA never audits anyone.