The moment a lawyer saves their medical records in a way that unintentionally and without their consent uploads them to OneDrive, they have a pretty solid case to charge Microsoft for a HIPAA violation.
https://www.hipaajournal.com/onedrive-hipaa-compliant/#
Totally feasible to use onedrive.
However I’ve got no sympathy for even a small business to use IT without someone configuring their system in a way that controls this. A lawyer of all people know that knowledge is worth something.
It is feasible to CHOOSE to use OneDrive and take all the proper precautions. We’re talking about home users getting OneDrive data uploaded without their consent through their “push assumed default”, and “giant popup, tiny cancel” setups.
The article you link only says it’s okay when using a OneDrive business plan together with a signed agreement.
You should be, if you’re in a work computer with privileged documents, controlling it with an appropriate level of care. No matter Linux or Windows. If you’re using home and defaults, you’ve failed no matter what.
We’re not talking about work computers. We’re talking about patients - end users who have downloaded documents from their doctor.
These people should not be blamed for using defaults, or for insecure actions happening from their inaction.
I said home computers multiple times and you again replied about work environments. You need to start paying attention.
Ah you’re thinking I’m reading your other comments to other people.
BTW HIPAA is for providers for their patients information handling. Once it’s in the person’s hands, it’s no longer under HIPPA and it no longer applies. If you decide to put your private medical information on a commercial advertisement board on a highway, and it’s not breaking laws to do with acceptable adcertisement (eg gore or smut) you’ll be able to do that to.
Basically theres no expectation for a individual person to adhere to HIPPA for their own personal information storage and it doesn’t apply.
My assumption with your lawyer comment, is this was a insurance or otherwise medical malpractice lawyer who might collect this information for their client cases, since without having client/patient requirements, HIPPA is irrelevant.
The moment a lawyer saves their medical records in a way that unintentionally and without their consent uploads them to OneDrive, they have a pretty solid case to charge Microsoft for a HIPAA violation
Are we talking about the same comment?
Lawyers, once they take off the suit and go home to their kids, are end users, not businesses. It would simply be easier for someone to initiate the lawsuit if they have a background in law.
HIPAA doesn’t even require encryption. It’s considered “addressable”. They just require access be “closed”. You can be HIPAA compliant with just Windows login, event viewer, and notepad.
(Also HIPAA applies to healthcare providers. Adobe doesn’t need to follow HIPAA data protection, though they probably do because it’s so lax, just because you uploaded a PDF of a medical bill to their cloud.)
HIPAA applies to whichever entity consciously chooses to move/store data.
Generally, after a patient downloads a healthcare-related item, they are that entity - and as the patient, they have full control/decisions about where it goes, so they can’t violate their own HIPAA agreement even if they print it and scatter it to the wind.
BUT, if your operating system “decides” to upload that document without the user’s involvement, then Microsoft is that entity - and having not received conscious permission from the patient, would be in violation. It’s an entirely different circumstance if the user is always going through clear prompts, but their more recent OneDrive Backup goal has been extremely forceful and easy to accidentally turn on - even to the point of being hard to disable. As you said, encryption has nothing to do with it.
No. Microsoft is not liable, at least when it applies to HIPAA.
The HIPAA Rules apply to covered entities and business associates.
Individuals, organizations, and agencies that meet the definition of a covered entity under HIPAA must comply with the Rules’ requirements to protect the privacy and security of health information and must provide individuals with certain rights with respect to their health information. If a covered entity engages a business associate to help it carry out its health care activities and functions, the covered entity must have a written business associate contract or other arrangement with the business associate that establishes specifically what the business associate has been engaged to do and requires the business associate to comply with the Rules’ requirements to protect the privacy and security of protected health information. In addition to these contractual obligations, business associates are directly liable for compliance with certain provisions of the HIPAA Rules.
If an entity does not meet the definition of a covered entity or business associate, it does not have to comply with the HIPAA Rules. See definitions of “business associate” and “covered entity” at 45 CFR 160.103.
https://www.hhs.gov/hipaa/for-professionals/covered-entities/index.html
LOL. You really think Microsoft doesn’t have an army of lawyers ensuring they comply with laws like HIPAA?
When they’re specifically writing business plans designed for hospitals, sure, they can likely account for it. But not when designing end user services that are laissez-faire about user data privacy - on the random things people put in “My Documents”. As with many organizations, it’s very possible the two parts of the corporation don’t talk to each other.
That’s not how it works. Microsoft knows Windows will be used in medical settings. They know “but it’s a product for home users” won’t be an effective defense if they cause a HIPAA violation.
They also should “know” that being forceful about backup prompts, AI features, and major version upgrades will irritate users into switching off their OS, and yet they’re doing it anyway. Logic is not driving their actions; greed for data is.
Microsoft makes is money by selling products and services. Your data is not nearly as valuable as you think it is.
deleted by creator
Why can’t you complain about a company being shit when there are other options?
I don’t use a lot of products, I still complain about them being shit because they deserve the bad press.
So I’m a total Linux noob are there issues with drivers? I have a laptop I would consider doing this on if I wasn’t worried about it breaking.
You can get Mint on a “Live” USB flash drive, so you can boot it up and see if it handles all your hardware before you install anything.
deleted by creator
I solidly refuse to believe you’ve had no issues with WiFi drivers on a laptop. Otherwise, yeah it’s fine.
deleted by creator
I’ve used various Linux distress on a half dozen laptops over rhe last 10 years and I’ve never had Wi-Fi driver issues
Every damn time I get a new laptop I lose hours to WiFi drivers, even then I’ll still occasionally and have no WiFi.
I don’t understand the hatred of OneDrive. Your documents folder redirects to the OneDrive folder. I guess you have a piece of software that has the documents folder hard coded? Be mad at that software.
I haven’t used Windows in a few years (and never used OneDrive), so pinch of salt time, but…
I don’t like the idea of M$ having direct access to all of my files and personal data
That and, there have been mishaps with OD deleting files
Also, i personally don’t like software automagic, especially when i don’t understand what is going on under the hood
Is OD just a folder? Where are my documents actually stored? What happens if my internet goes out? How much do i trust M$ to not bungle something or sell or leak my files?
If it lost your files after constantly fighting you about where to save them, you would.
Plus the whole not asking to install, then begging for money to upgrade a service you never asked for. Until you finally have to waste hours learning how to completely disable it and get it off of every machine you own…
That breeds some resentment.
deleted by creator
I want to have granular control over where my files are stored. If I want them stored in the cloud, I want that to be a choice I consciously make, not something that’s defaulted at the operating system level.
So the hatred isn’t really directed at OneDrive, it’s directed at the fact that the operating system is making decisions for me, and they don’t line up with what I actually want my computer to do.
you can use O&O shut up 10 ++ to disable onedrive completely, also, there’s proton drive.
For the uninitiated (like me before searching for this):
That’s incredible. Gonna try this out when people mention being sick of windows bloat
Gotta combine this with the massgrave activation script to give Microsoft the ultimate finger
What form of esoteric incantation is this?! Witchcraft!
I think they mean Linux
Well…I do wander around in the dark in the woods with my flashlights, I may or may not have happened upon witches and…spent time with them.
I’d like to… Spend some time… with some witches. Know which woods?
They’re kinda picky about what kinds of guys they go for.
It’s a weird all-woman coven and I guess they chose me to be “their man” for…purposes.
I’ll take my chances.
My cousin sister lost all her files to a malicious script on her pendrive, and I am fixing it right now (at the time of writing this). The unreliable pile of crap called OneDrive didn’t even back up properly, and well, Windows has gone so bad, it’s terrible,laggy and slow on a Ryzen 5800U with 8GB of RAM. I wish she was open to learning Linux desktop environments.
I wish more people were open to learning how to properly configure Windows for family members who will likely never switch to Linux.
That shit situation sounds entirely avoidable.
Somewhere, a Genie is howling with laughter at the magnitude of that wasted wish.
I set up my 90 year old grandmother with Ubuntu; she was extremely open to learning. If somebody’s got to learn something, then why not the more useful skill? That’s better for the user, the teacher, and society at large.
Even a lot of young people are simply unwilling to learn something different if there’s any way to avoid it. Your grandmother is not at all typical.
In my family we make fun of those people
My stupid ass phone keeps demanding me to be connected to the internet in order to view photos that I TOOK ON MY PHONE.
Do you by any chance take a lot of photos on a phone that doesn’t have the capacity to store them all locally?
maybe change your gallery app to something else?
Do you have any recommendations? I’m tired of Google begging me to turn on cloud storage for my photos every time I open the photos app.
Aves Libre on F Droid
I’ve been using Aves for a while now, it’s pretty alright.
I use glimpse, which ships by default with lineage os. nit sure if it’s available anywhere. but this one semed pretty neat on a quick try:
https://github.com/IacobIonut01/Gallery
it’s free on fdroid, 2€ on google play which the developer asks to think as a donation
I can’t add much but I have to agree with the above replies, Aves is a wonderful gallery app, it looks good. Nice animations, Albums and Tags, Vaults for when u want to hide specific folders
“Your house, ahahah, nice one! By the way, rent is going up. How much was ‘your’ raise this year?”
Less than the rate of inflation 😮💨 guess I make less this year than last year.
UMMM ACKTUALLY I’ve got several charts that say you’re richer. You must be lying or lazy. /s
The insurance that costs you $200/month, COULD have cost you $700/month (if you chose this exact plan from this exact provider on your own without HR negotiating a bulk discount)
So, you’re not losing $200, you’re EARNING $500!!!
FaMiLy InCoMe Go Up MeAnS YoU aRe Ok!
…ok, but I’m a “family” of one and your stupid fucking metric is counting multiple incomes as one…
the documents folder on the computer that Microsoft has in your house
How much longer till Microsoft uses Windows computers across the world as a botnet. For working on it’s AI. Or some other bullshit.
And you’ll have to pay them a subscription fee to do it. If you don’t pay, your computer is bricked.
lmao its a matter of time before MS decides they need to DDoS someone so hard their data center explodes and they’ll be ready to do it
Not sure if it’s still a thing but I remember they also used windows to distribute updates to other windows PCs in a bittorrent-like fashion.
Honestly that can be a good thing, especially if you have more than one windows PC in your household, it’s only downloading them once then sharing the updates about over the LAN
Ya in the business world that’s what WSUS is/was for
It still does it. The only thing is that the awareness of this feature was spread in a way to make it sound like it was just stealing your internet for nothing (which looking at it one way, it was) so most people just turned it off.
Blizzard used to do that as well with world of Warcraft updates IIRC ( during vanilla )
So does War Thunder. Makes sense from a CDN perspective.
They did, and we’re really up front about it being an opt-in thing, if I remember correctly. Might have started that easy with Microsoft, too. But they can’t resist enshitifying.
When I joined in MoP it was still peer-to-peer by default
And how long before the come into your house, steal your stuff, and kick your dog?
There aren’t enough “got dangs” in this meme
Do I look like I know what a got dang is I just want a hotdog of a gribble. You tell me what about accessories and accessory because Alamo propane is like a got dang ladybird I tell you what
Then don’t use MS Office?
Have to for school. But you can also just press F12 to open the normal save dialog. (I put my school stuff in one drive anyway, I just want them in folders so I need the normal saving system.)
Or uninstall one drive. It’s not rocket surgery and when done correctly I’ve never seen it re-enable itself after an update.
Even with it removed the save menu on office is a pain.
Then don’t use MS
Office?Yep
In 2003 I could have made a living selling subscriptions to 5-GB cloud storage that was tightly integrated into Windows.
I understand why Windows is trying to capture you into it’s cloud ecosystem. Just saying that between M$, Apple, and Google you can do some robust backups, basically for free. And if you’re worried about privacy, just encrypt.
For the agencys to break it as they have been doing? no thx
People who don’t understand technology are hilarious in a sad kind of way.
I actually don’t hate onedrive that much. I’ve used it for a while now and it’s one of the best ways to just share a folder with some people very easily. And they can even use the desktop app and you can all have a cloud synced folder, it’s really convenient for collaborating on projects. I know other things can do this, but few do it as seamlessly.
That said I’m trying pretty hard to ditch it because I hate how Microsoft are just making it the default behaviour without really making it apparent that all your documents just get uploaded to their servers. I hope proton drive gets the features I need soon,.
It’s not about whether the product is good or bad. It’s about the way they maliciously and deceptively try to push it on people.
Yes, I agree. I’m trying to rid myself of as much as I can, but unfortunately it’s not always practical.
Always hated how MS forces you to use their shit … I mean I get it, most wouldn’t chose to use them as they are indeed shit
I have OneDrive limited to a single swap meat folder aptly called “dumpster” and it still fucks it up weekly
You can disable it in the registry. H key local machine, software, policy, microsoft, windows, OneDrive, disable sync value change from 0 to 1 and it will turn it off. I may be a little off this was just from memory.
deleted by creator
That’s just an NTLite build, if you want to uninstall those things do it yourself (either with NTLite and an ISO or through command prompt like any other software)
This is why i went to Linux. This stuff needs to stop.
