Are SharePoint database-attach upgrades still the gold standard of upgrades?

I have completed many successful SharePoint migrations using the database attach method but increasingly seeing the benefits of starting fresh with a new install/configuration and performing manual content migration targeting specific content and bulk tagging on the destination site map. Interested in what others are experiencing in the way of database upgrades verses manual content migrations and third party migration tools.

Primer PHI content on Microsoft SharePoint 2013 and Office 365

Increasingly hearing from customers questions on storing Protected health information or PHI in SharePoint 2013 and Office 365.  Yes, there is a roadmap and implementation guidelines you can follow to store PHI in SharePoint and maintain compliance with HIPPA requirements. 

Microsoft has made information available on their vision for PHI in SharePoint.  I am providing a summary here in case your organization is evaluating SharePoint 2013 and Office365 available features.

PHI content on Microsoft SharePoint 2013:Image

Protected health information or “PHI” “PHI” is a subset of health information, in any media, including demographic information collected from an individual, that is: created or received by a healthcare provider, health plan, employer, or health care clearinghouse; relates to an individual’s health, provision of health care to the individual, or payment for the provision of health care; and identifies an individual or could reasonably be used with other available information to identify an individual. is not specifically excluded from the definition of PHI (generally, education, and employment records are excluded from HIPAA coverage)

PHI includes many common identifiers, such as name, address, and Social Security Number, and can be in any form or media, whether electronic, paper, or oral.

Understanding PHI on SharePoint 2013

Only certain data sets, however, are designated with the appropriate level of security and privacy to comply with the HIPAA security requirements, as described above.

Microsoft strongly recommends that you train your personnel to input PHI only into the appropriately secured and designated areas.

The following data-sets or repositories are suitable for uploading PHI:

PHI Recommended Data Types

  • Email body
  • Email attachment body
  • SharePoint site content
  • Information in the body of a SharePoint file
  • Lync presentation file body
  • IM or voice conversations
  • CRM entity records

Examples of data-sets or repositories not suitable for inclusion of PHI:

    • Email headers, including “From”, “To”*, or “Subject Line”
    • Filenames (including filenames of any attachments or uploaded documents on any Service)
    • URLs, or any public SharePoint websites
    • Account, billing, or service configuration data
    • Internet domain names (e.g., “fabrikam.com”)

     

    Source: http://download.microsoft.com/download/4/4/8/448A7DC4-B3E2-4CAE-8B22-658CF6F58CDF/HLS_O365_Datasheet_R5_031114.pdf

    Additional Links