Quote:
|
Originally Posted by Gaybucks
Thanks to both for the clarification. We currently use an in-house Access database but are switching to an in-house PHP/MySQL database which will also have appropriate portions web-accessible to our affiliates using our materials for promotion (the ones who choose not to use our hosted galleries, etc.) in compliance with 4472.
I understand that we can't use a third party to store records offsite. My concern was whether or not the records must physically be *stored* on the office/custodian's premises, or whether they must be *accessible* from there. Our solution (which we developed in-house) does allow a copy of the records to be kept on a local machine (which will be dedicated for that use and no other, in compliance with the regs), but the idea was to keep the primary copy offsite for backup/data security/disaster recovery reasons. Obvilously, an up-to-date copy would have to be maintained locally in case the ISP goes down while the inspection is happening, but other than that, I would think that storing the records offsite would be OK as long as an on-site copy is available.
Also, does anyone know if the law allows *seizure* of the records (which to me means removing them from the office) as opposed to *copying* of the records? I was of the impression they were permitted to copy them but I didn't see anything about seizure (except, of course, if they have evidence of a felony in the records or a search warrant.)
Thanks in advance for any clarification/info.
|
Nothing wrong with keeping a backup.
As for copying vs. seizure. That is a touchy one really. What are you going to do if they do want to take them?
Personally I keep a copy just for that reason. Of course though I would fully expect them to also take my damn PC and other shit to. So I am prepared for that as well.