Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is why in starting up my own little IT services company I'm planning on not serving medical clients.

"HIPAA? I'm sure we're just fine, and no you can't take away my Windows 7 PCs."



I get the feeling big law is just as bad.


I never worked for big law, but medium law is terrible. Partners can just order the IT department to do anything. We had a new head of IT that tried to implement some common sense changes for an organization that handles sensitive data. Basic stuff: Block websites that tend to be malware vectors, don't let users be admins on their own machines, restrict USB storage to certain users, etc. We were forced to override it on the partners machines almost immediately.


Restricting partners usb access? Restricting websites and restricting install permissions.

Overkill and probably the opposite of what they envision an IT department doing.


In my experience with biglaw (a single top 10 firm), their IT and in particular information security was top notch. Having a lot of available capital to work with probably helps.


Which firm?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: