Re: [Fwd: [Asrg] Verisign: All Your ...

Dean Anderson wrote:

> ...
>
> HIPPA covers _medical_ information. Email addresses are not medical
> information. The email address in an email message is not a medical record
> protected by HIPPA.  Third, the email address is already being disclosed
> to the ISP running the relay.
You keep assuming things and then declaring them as reasons for it to be 
a non-issue.
Your assumptions about my implementation, my customer requirements,
regulatory rulings relatedto HIPPA as it effects the customers license 
to practice, and my
email routing are not true.

> The relevant privacy law involving email is the ECPA, not HIPPA.  Verisign
> is prevented from disclosing the contents of any email, as is the ISP.
> Quite obviously, Verisign is not improperly disclosing any information.
> Contrary assertions are FUD
Name one good reason to run a bogus SMTP server that always rejects
email if it is not their intention to use the data? Why would
anyone accept connections on the SMTP port at all if not to use
the data? There are only two reasons that I can think of; (1)
when they experimented they found that they caused email to back
up one sending systems when sent to bogus hosts and/or (2) they
want the sender email address.

Item (1) means they did find that what they were doing broke
things and they attempted to fix it.

And (2) may be FUD, but there is NO law that keeps them from
collecting the sender email address.

--

Doug Royer                     |   http://INET-Consulting.com 
-------------------------------|-----------------------------
Doug(_at_)Royer(_dot_)com                 | Office: (208)612-INET
http://Royer.com/People/Doug   |    Fax: (866)594-8574
                               |   Cell: (208)520-4044

               We Do Standards - You Need Standards

smime.p7s
Description: S/MIME Cryptographic Signature