[development] Certify Drupal for use in Government (US) Projects

Eric Goldhagen eric at openflows.com
Wed Oct 1 15:52:34 UTC 2008


On Wed, October 1, 2008 11:37 am, Daniel F. Kudwien wrote:
> Back to topic:
>
>> The security review and resolution process at drupal is one
>> of the things that has allowed my company to use drupal as a
>> part of systems that handle ePHI (electronic protected health
>> information) which have been successfully audited as HIPAA
>> (Health Insurance Portability and Accountability Act) compliant. --Eric
>
> This sounds like a handbook page about certifications, policies, and
auditions of Drupal is in order?  Maybe we can add
> consultants/agencies/shops who managed to achieve or approve them for
each
> entry as a reference.  That list might also contain revoked attempts,
and
> would fit best in the "About Drupal" handbook, of course.
>
> Cross-posting this to consulting list.
>
> Daniel
>
>

I'd like to make sure that this discussion happens in one place so it can
be easier to follow. In the future, it would be nice to be asked before a
part of my email is send with no context to another list.

here is what I posted to the consulting list:

I would be glad to participate a discussion about your idea, but let me
start by saying that I'm not comfortable with one paragraph of an email
from me that was part of a lengthy discussion about durpal security issues
crossposted without any additional context.

For those not on the development list, you can read the thread at
http://lists.drupal.org/pipermail/development/2008-October/031097.html to
put my statement in full context of the larger discussion.

--Eric




More information about the development mailing list