Yeah no shit, and you do think I have a single goddamn bit of influence over my corporation's choice of email client??
They can leech all the data they want from my employer. I don't give a fuck. Never use company assets for personal business as an addendum.
Just be a little more careful with your own stuff, s'all.
Depends on your sector of work. Imagine you’re a therapist or a lawyer…
A lot of healthcare and education institutions use Outlook as well, so I wouldn't be surprised if mental health or legal uses it too. There may be rules about what kind of client/student/patient information can be sent over email, and often there are healthcare/institution specific variants of the office suites which (are supposed to) meet regulatory requirements
I think the other comment applies regardless. Do work things on the work device/account and let the workplace handle any other concerns. When it comes time to discuss alternatives, you can make a case for something else
I mean it even harvests typing data and Outlook also includes calendars etc… It’s really bad.
But yes, I just suggested a re-evaluation of the use of Microsoft Outlook to my company …
What would you get them to use instead? I use Proton personally, but I doubt many companies are using it at scale.
Use geary as a client with a private company selfhosted mailserver.
A company would use a Microsoft 365 plan that includes Outlook for Office 365, not a Windows Mail app. An the MS365 agreement would come with protections of company data from sharing with advertisers.
In other words, I wouldn't worry if my company used Outlook. But never log in to your private mailbox from a corporate device.
Cloud services who want the business of healthcare providers usually offer a separate service for customers who need enhanced privacy.
Google etc have this option.
Also Microsoft has “pay for enterprise control” for businesses. Businesses can pay for their data not to be collected or at least sent to a business controlled server.
All of it is compatible with HIPAA.
How?
There is more than one country on this planet.
Yes, and plenty of them use HIPPA or variants of it as a standard. There will certainly be a control mapping from any other law or standard used and 365 is going to be mostly compatible with them all.
Not trying to dismiss your view, but I am not aware of any country outside US using HIPPA as a standard. I'm also not an expert in this so probably mistaken. Which country are you thinking of?
There are different versions of Outlook depending on your subscription. Companies that do things properly, never see the problematic, "free version" of Outlook. They have very fine control over the features and data collections they enable.
Yes it works pretty fine with stupid O365.
You can basically use whatever mailclient you desire with it.
pretty sure when you bring that up to your company, that another company will have access to internal communication, that they will do something against it. It's a willing data breach.
There's no other company with all the required certification that can replace Microsoft office suite so all corporations are stuck with it and tbh nobody cares.
Perhaps nobody in the US or in jobs with non-sensitive data cares about that. In the EU this could backfire hard against Microsoft.
This aint 365. This is a standalone thing.
There are plenty of other services that have the compliance check boxes. Most of them are garbage, expensive, and don't come with 5% of the other tools that MS does.
There is a choice, and companies choose ms because it is best.
well, as far as you use it just for your work, who cares, right? It's the same as I'd never use Lastpass, my corp use it and even offered it for our personal use :D thanks, but no thanks!
For personal use I would never use any microsoft solution.
Yeah no shit, and you do think I have a single goddamn bit of influence over my corporation's choice of email client??
They can leech all the data they want from my employer. I don't give a fuck. Never use company assets for personal business as an addendum.
Just be a little more careful with your own stuff, s'all.
Depends on your sector of work. Imagine you’re a therapist or a lawyer…
A lot of healthcare and education institutions use Outlook as well, so I wouldn't be surprised if mental health or legal uses it too. There may be rules about what kind of client/student/patient information can be sent over email, and often there are healthcare/institution specific variants of the office suites which (are supposed to) meet regulatory requirements
I think the other comment applies regardless. Do work things on the work device/account and let the workplace handle any other concerns. When it comes time to discuss alternatives, you can make a case for something else
I mean it even harvests typing data and Outlook also includes calendars etc… It’s really bad.
But yes, I just suggested a re-evaluation of the use of Microsoft Outlook to my company …
What would you get them to use instead? I use Proton personally, but I doubt many companies are using it at scale.
Use geary as a client with a private company selfhosted mailserver.
A company would use a Microsoft 365 plan that includes Outlook for Office 365, not a Windows Mail app. An the MS365 agreement would come with protections of company data from sharing with advertisers.
In other words, I wouldn't worry if my company used Outlook. But never log in to your private mailbox from a corporate device.
Cloud services who want the business of healthcare providers usually offer a separate service for customers who need enhanced privacy.
Google etc have this option.
Also Microsoft has “pay for enterprise control” for businesses. Businesses can pay for their data not to be collected or at least sent to a business controlled server.
All of it is compatible with HIPAA.
How?
There is more than one country on this planet.
Yes, and plenty of them use HIPPA or variants of it as a standard. There will certainly be a control mapping from any other law or standard used and 365 is going to be mostly compatible with them all.
Not trying to dismiss your view, but I am not aware of any country outside US using HIPPA as a standard. I'm also not an expert in this so probably mistaken. Which country are you thinking of?
It isn't HIPAA in other countries. But it is similar enough that you can easily find white papers and crosswalks in compliance communities. The difference between HIPAA and gdpr is mostly informed sharing and where that's permissible https://www.microsoft.com/en-us/industry/blog/healthcare/2018/05/14/gdpr-implementation-hipaa-compliance-what-you-need-to-know/
Linked on that page is a PDF example. The execution and requirements are mostly the same.
I see what you mean yes. Some common principles can be found outside of the US
There are different versions of Outlook depending on your subscription. Companies that do things properly, never see the problematic, "free version" of Outlook. They have very fine control over the features and data collections they enable.
Touché.
Why is your corp using the free mail app in windows??
Because it's free in windows.
Let me introduce you to https://davmail.sourceforge.net/
Yes it works pretty fine with stupid O365. You can basically use whatever mailclient you desire with it.
pretty sure when you bring that up to your company, that another company will have access to internal communication, that they will do something against it. It's a willing data breach.
There's no other company with all the required certification that can replace Microsoft office suite so all corporations are stuck with it and tbh nobody cares.
Perhaps nobody in the US or in jobs with non-sensitive data cares about that. In the EU this could backfire hard against Microsoft.
This aint 365. This is a standalone thing.
There are plenty of other services that have the compliance check boxes. Most of them are garbage, expensive, and don't come with 5% of the other tools that MS does.
There is a choice, and companies choose ms because it is best.
well, as far as you use it just for your work, who cares, right? It's the same as I'd never use Lastpass, my corp use it and even offered it for our personal use :D thanks, but no thanks! For personal use I would never use any microsoft solution.