From: hepei on

"david" <david(a)> д����Ϣ����:OnjWOmWyKHA.3536(a)TK2MSFTNGP06.phx.gbl...
> Users should not have access to Windows Explorer, or the
> Command Line, or any general-purpose software, on the
> system which allows them access to the data. You can do
> that by using Terminal Services, or Virtual PC, or dedicated
> workstations.
> Those are general rules for HIPAA anyway, but this stuff is gradually
> being tightened up: 10 years ago you would have gotten away with just
> having policies about proper workstation use, now it's back to
> expecting enforceable 'green screen' security, not just supervision.
> I wouldn't expect everyone to have 'green screen' style workstation
> security at this point, but the world is heading that way, so if you
> are thinking about security now, now is the time to put in place
> the correct systems.
> (david)
> "frank" <frankjlinden(a)> wrote in message
> news:b1bf4277-a22a-4618-959c-5e1a6f3d6b56(a)
>>I have just begun work for a health care entity which uses MS Access
>> for all their client data.
>> The User interfaces are all standard Access Forms and Pages deployed
>> over the Lan using Share Permissions.
>> I will soon begin the task of consolidating and securing these various
>> databases and the solution must be compliant with HIPAA regulations
>> for securing Private Health Information. Can anyone please offer any
>> basic suggestions that I can pursue to properly secure my Access
>> databases in this environment?
>> Also, can Access security be integrated with Active Directory like
>> Thank You.