[unisog] HIPAA Hybrid Entities and Active Directory

McLaughlin, Bryan bmclaughlin at creighton.edu
Wed Oct 12 14:59:55 GMT 2005


For other Universities that have declared themselves as Hybrid entities
under HIPAA and Microsoft's Active Directory as your Official directory
service; how have you dealt with the covered and non-covered entities
within your AD?  Have you created two separate forests, one for covered
and one for non-covered entities; or have you simply created the
separation via organizational units.

 

At Creighton, our covered and non-covered HIPAA entities are technically
still a single legal entity, but HIPAA requires that we handle each as
if they were separate legal entities and we are struggling to decide how
to define this structure within our Active Directory environment.

 

Any insight, experience, or rationale would be greatly appreciated.

 

Thanks,

 

Bryan

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/unisog/attachments/20051012/6a33e3bc/attachment.htm


More information about the unisog mailing list