Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Any healthcare institution is going to have a Business Associate Agreement[1] with Microsoft. OneDrive is one of the allowed/suggested ways to transmit PHI where I work.

[1] https://www.hhs.gov/hipaa/for-professionals/covered-entities...



exactly .... people here suggesting that putting any PHI into an office document is intrinsically a HIPAA violation are bonkers.


Isn't the "Design Ideas" request going to the same Sharepoint server that is storing your doctor's OneDrive?

I didn't capture and inspect the traffic myself, but https://support.office.com/client/53c77d7b-dc40-45c2-b684-81... makes the feature sound like it's built into M365 and not sending data to some centralized web service.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: