Hylafax Mailing List Archives
|
[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
Re: [hylafax-users] confidential faxes
On Thursday 08 December 2005 12:32, Joe wrote:
> Not necessarily. I'm just looking for a way to have hylafax provide
> confidential faxes. I don't care how (client or server) it gets done,
> just that it gets done. It's a requirement for HIPPA supposedly.
Well, if someone can't spell HIPAA, then they probably have next to no chance
of complying with it :)
The web page idea has legs. I think what you need to do is: Display just the
first page of the fax on the receptionist's screen {I'm guessing only a
human receptionist can decide who the fax is for, otherwise you can
automate-out this step}. This can be done with a simple CGI-script. The
receptionist chooses who the fax belongs to and saves the full content to a
directory {one per recipient}. Also in this directory is a simple
CGI-script to display the fax as a web page, and a .htaccess file which
prevents anyone who doesn't know the password from viewing anything in the
directory.
This is just as secure as e-mail; more so if the web server is https {there
is no reason not to; apache 2 supports this out of the box. You'll hafta pay
for a proper secure certificate if you don't want dire warnings; but even
using the default "Snake Oil" certificate is secure, just not demonstrably
so}.
Note that anyone with the root password can view anyone's faxes; and anyone
with access to the phone line can potentially intercept faxes as they arrive.
It also would be prudent that the partition you use for /tmp is no bigger
than it need be, so done-with data gets overwritten as soon as possible.
--
AJS
____________________ HylaFAX(tm) Users Mailing List _______________________
To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
*To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*