What are HIPAA's encryption requirements?

There's a lot of assumptions about what HIPAA states when it comes to encryption, be it over the wire, files, whatever. The fact is that HIPAA makes absolutely no requirements for encryption*, just that if there's reasonable risk, it must have encryption. What kind of encryption? What sort of strength? It does not specify*.

So to break it down:

  • Does HIPAA require encryption? No, unless there's a reasonable risk something could be read, as in over a network or what have you
  • What sort of encryption does HIPAA require? Essentially anything.

My suggestions though are:

  • You should use encryption in as many places as possible, especially if devices are storing information, almost all HIPAA data violations come from people losing laptops or whatever and the drives aren't encrypted. You can use something like TrueCrypt or even Windows EFS.
  • I suggest PGP since it's so widely implemented and available, and SSL for networks, etc since again, implementation is widely available. Where not available you can tunnel over things such as encrypted VPN connections as well.

* Source: HIPAA 45 CFR § 164.312(a)(2)(iv) and (e)(2)(ii).

By the way: IANAL/TINLA

So, what the hell is type casting anyway?

Casting is a way to take a liquid and mold it int… oh yeah

So casting is just a fancy way to refer to type conversion, that is where you change the "type" of a variable from one thing to another. For example changing a string to an integer.

How about some examples? Is that what you want?

OK, fine, you talked me into it. Here are some PHP examples:

So, who cares? What's the point?

Well, depending on what you're wanting to do, it's important to change the type, and this is especially true in languages where there is no dynamic typing (like C#) and it's still useful in languages with dynamic typing like PHP, because it allows for one to avoid potential issues with mathematics, concatenation, etc. Aside from math related things, in PHP I use (int) a lot to clean up variables for SQL queries for both safety and also so MySQL doesn't have to convert the types itself.

You can learn more about type casting in PHP specifically and why it's a great way to do certain things here: Casting int faster than intval in PHP.

A terribly uninformative guide to cross connect boxes, RTUs, SLCs

For some reason beyond me, in all of the years I've messed around with phones, be it working with them or doing things as a hobby, I can never remember the name for this:

MVC-904Fb

So I wanted to create this post so in the future when I go brain dead I don't have to go search around for it for 10 minutes. It breaks down like this:

  • Cross Box or Cross-Connect Box – Most common name, but in Ma Bell terms it usually refers to ones slightly smaller which contain jumpers from customer to the central office. These aren't to be confused with VRAD which are similar, but smaller, and often sometimes next to cross boxes or remote terminals.
  • Remote Terminal – Also sometimes called this, and so-called because they were like a tiny remote central office. These, unlike regular cross boxes, have slots for cards of what kind of circuit was being installed. For example a SDN line would have a card that takes two slots. Another sign of a Remote Terminal Unit versus a regular Cross Box is that RTUs have batteries in them. Some RTUs are bigger and are buried underground with sump-pumps and air conditioners and fancy stuff.

    Everyone loves slots
    Slots inside a Remote Terminal, a more modern one, smaller, at an industrial site.
  • SLC or SLC96 – Sometimes referred to as this, but these contained pair gain multiplex equipment in them. SLC itself stands for "subscriber loop carrier" or "subscriber line carrier". The 96 though refers to the fact it broke down into 96 lines.

And there we go, things I can never remember.

Thanks a lot to the phone woman for some extra insights into this post.

Casting int faster than intval in PHP

For years I've been using intval($var) for being sure something is an integer, and sometimes using (int)$var to cast it into an integer, which essentially does the same thing — learn what casting is.

I'm here to tell you that unless you require the second parameter of intval(), which changes the base, then you should be casting instead.

In the case of casting int, it's about 300% or 3 times as fast as using intval(), and if you use it a lot like I do, for example in setting the correct type/checking for SQL queries, then it's time to switch. I know I am.

You can also pile them up if you want, for example:

$var = (int)(bool)$var;

This will change strings of "1" and "0", actual numbers of 1 and 0, boolean values, and null to True and False (Null is always False). Pretty useful if you've got a bit or tinyint(1) for pseudo-bool columns in your database or what have you, clean it up real nice.

It's sort of strange too because in other languages I always cast when available, but for some reason in PHP I got in the habit of using intval(), floatval(), etc.

Available casts:

Let them learn COBOL / PHP isn't evil

I received this in my inbox earlier:

What programming languages should a modern-day programmer have in his/her arsenal? (Quora)

OK, fine, now I'm forced to evangelize for PHP, this puts me in a really painful position, but since I'm apparently the only person

Give me some of those Valley trends, baby
Give me some of those Valley trends, baby

reading this who can think for myself instead of freebasing whatever the Valley tells me to use, here we go…

The general theme seems to be to either learn a pretty hardcore language like C or C++ which won't benefit most people right away these days, since there's almost no excuse to make classic applications anymore. I think if anything it will discourage some people from learning to program since they have to spend a lot of time learning to clean up garbage, compiling, debugging, etc. Way to ruin their fun by making them spend all that time on a language better suited for drivers than web or phone apps.

Promoting Java is also a thing for some reason, I thought we were trying to kill this language? It's still used by a lot of places, but so is COBOL. In fact there's still a ton of places that use COBOL, so why not promote it? Probably because it doesn't come with a hipster mustache and a really tall bicycle.

If it's about job security, automatically Python and Ruby were a terrible suggestion, same with Erlang. You might as well be one of those skinny guys promoting Lisp.

A huge one though is promoting Python (and sometimes Ruby), blindly suggesting it's the best way to go without consideration for how huge of a pain in the ass it is to start a project. The syntax of the language(s) is very easy and the language itself quite powerful, but also slower than other options, harder to get going, and not widely supported. Starting a project in Python is about as difficult as starting a car by putting the engine in the car first. Turnkey? Hell no. You can get used to it, take some shortcuts, etc, but really for a new person, it's a nightmare.

It's really a hipster language, and Monty Python isn't funny, I'm just saying, it really isn't, I mean, seriously.

That's unrelated to this topic, but since Python is named after it, I felt it was important for me to communicate that it's just … knights who say Ni? yeah, fucking falling over laughing. Monty Python films had a few snicker moments here and there, but it was mostly diarrhea (or diarrheoa). I liked Flying Circus much better, why don't many people talk about that?

Yes, I've seen all of the popular films, and no I didn't laugh. I didn't go into expecting it to be about as funny as a hernia operation either. I had thought they would be funny since that's what people were saying, and after wasting about six hours of my life I realized: holy shit, I didn't laugh once. No, I mean that literally, I didn't laugh one time. A few smiles, sure, but not much else.

Anyway, where was I? Oh yeah, terrible ideas…

Some other promotions for assembly, as if it's 1977 or something.

In general though there was a lot of PHP hate spread through the entire thread, mostly that it was bad, but nobody ever saying why, it just is. That's a lot of bullshit. It's because PHP is widely used, widely available, and despite their claims PHP has made a massive amount of headway over the last few years, and is only getting better.

Much of the complaints about PHP people have are true.. if you've fallen out of a time machine from 2004. Hating PHP is like hating MySQL, it's just easier to ignore the last decade and pretend nothing ever changes, then go on to promote your slower, less widely available, much cooler alternatives of Python and PostgreSQL.

It's just the toxic runoff coming from the Valley of essentially acting like Pookie for anything cool coming out of the Valley, Bay Area, etc. And hey, I've lived in the Bay Area, so that makes me an authority on everything there.

I don't mind the C# suggestion, I don't like the platform limitations. Yeah there's mono, but seriously, yeah, who cares. C# has a lot of things like static typing that I wish PHP had, but Hack from Facebook does add a lot of those features right back into PHP and many of those will be moved into core PHP over the next couple of years.

The blinding hatred of PHP out there causes people to promote things in a manner which can slow newcomers down. PHP sure isn't perfect and there are of things I'd change about PHP, but it's faster, extremely powerful, and most importantly easy as hell to get going.

I'm of the mind though if we're going to want to stop people from learning to program, then yes, let's promote Python, Ruby, Erlang (what the fuck are you promoting this for, do people making small sites really need message queues? Don't be an asshole.), and while we're at it Java. Languages which can be easy at face value, easy in syntax, but a pain in the ass to get going and deal with, not to mention slower. Except Java and Erlang, those can be pretty fast.

So reasons not to learn PHP?

  1. It's not really cool
  2. It's not the steam punk of languages like Python, so you don't get a stupid ass top hat with goggles and proclaim you're awesome
  3. It's making headway faster than most languages, some of which aren't even changing or improving at all any more.
  4. It's widely available, i.e. essentially everywhere, so you're not held hostage by host availability
  5. It will help you learn C-style syntax which you can more easily pass on to other languages like JavaScript (also used on the web), plus countless other languages like C, C++, Java, C#, etc

Python and Ruby aren't bad to have in your arsenal, but blindly suggesting them first, when C-style languages is king is just ridiculous. Meanwhile the most popular web language being PHP, which is a C-style language, oh no, don't use that, it's bad just because it's bad, I mean, no reasons listed here, it just is.

Anyway, now a choice, spend 10 seconds starting a PHP project or spend half an hour setting up a Python environment and prepping shit just to get coding, and I mean really coding, throwing things directly to the interpreter isn't how you make real projects, it's how you demonstrate the language without making it obvious how much of a pain in the ass it is.

I'll use the language best suited for the situation, I'm not going to blindly dislike something because a broader community of self-deluded permanent man-children hate it.

My choices of languages:

  • PHP
  • JavaScript / node.js
  • Ruby
  • C#

My choice of languages in 2004:

  • Perl
  • C++
  • PHP

My choice of languages in 1997:

  • Perl
  • C++
  • Visual Basic

Nope, shit never changes, I'll just use Python forever and tell everyone that's all I've ever loved.

I hope you can appreciate the irony of blind hatred and ignorance of modern PHP meanwhile essentially doing the same thing with Python. That's my point, when it's turned around, it's obvious how idiotic you look.