An older client sat down with me to talk about building a web application and site for his new business. He’d recently retired from his previous career and was kind of braggy about it.
Client: That Cadillac parked out front? My company just gave that to me when I retired.
I didn’t really see what that had to do with anything, but okay.
He proceeded to pitch a site in which users would enter all their personal medical information and contact info, which would then be put on a wallet-sized card for emergency uses.
Me: Will this be embedded on a chip or a magstripe?
Client: Oh, no, that’s too complicated. I just want them to submit all the information, which I’ll send to the guy who does the printing and he’ll print it on a card.
Me: Do you have any security for this product? Or encryption?
He gave me a blank look.
Me: Okay, you’ll want to redesign some of this since this project will almost certainly run afoul of numerous state and federal patient privacy regulations – to say nothing of the security risk of a lost card. I’d suggest you consider encryption, or a card-reading system or something like that.
Client: No, no, no. That’s too complicated. I just want to print this all on a card. We don’t need to worry about privacy or anything! They own the card!
When I attempted to object, he cut me off.
Client: Do you see that Caddy out front? That means I KNOW what I’m talking about!