EHR Promises Yet to Be Realized
December 1, 2015
Electronic health records (EHRs) were to bring us reductions in cost and, just as importantly, seamless record-sharing between health-care providers. “Epic Fail” at Mother Jones explains why that has yet to happen. The short answer: despite government’s intentions, federation is simply not part of the Epic plan; vendor lock-in is too profitable to relinquish so easily.
Reporter Patrick Caldwell spends a lot of pixels discussing Epic Systems, the leading EHR vendor whose CEO sat on the Obama administration’s 2009 Health IT Policy Committee, where many EHR-related decisions were made. Epic, along with other EHR vendors, has received billions from the federal government to expand EHR systems. Caldwell writes:
“But instead of ushering in a new age of secure and easily accessible medical files, Epic has helped create a fragmented system that leaves doctors unable to trade information across practices or hospitals. That hurts patients who can’t be assured that their records—drug allergies, test results, X-rays—will be available to the doctors who need to see them. This is especially important for patients with lengthy and complicated health histories. But it also means we’re all missing out on the kind of system-wide savings that President Barack Obama predicted nearly seven years ago, when the federal government poured billions of dollars into digitizing the country’s medical records. ‘Within five years, all of America’s medical records are computerized,’ he announced in January 2009, when visiting Virginia’s George Mason University to unveil his stimulus plan. ‘This will cut waste, eliminate red tape, and reduce the need to repeat expensive medical tests.’ Unfortunately, in some ways, our medical records aren’t in any better shape today than they were before.”
Caldwell taps into his own medical saga to effectively illustrate how important interoperability is to patients with complicated medical histories. Epic seems to be experiencing push-back, both from the government and from the EHR industry. Though the company was widely expected to score the massive contract to modernize the Department of Defense’s health records, that contract went instead to competitor Cerner. Meanwhile, some of Epic’s competitors have formed the nonprofit CommonWell Health Alliance Partnership, tasked with setting standards for records exchange. Epic has not joined that partnership, choosing instead to facilitate interoperability between hospitals that use its own software. For a hefty fee, of course.
Perhaps this will all be straightened out down the line, and we will finally receive both our savings and our medical peace of mind. In the meantime, many patients and providers struggle with changes that appear to have only complicated the issue.
Cynthia Murrell, December 1, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Interview with Informatica CEO
November 26, 2015
Blogger and Datameer CEO Stefan Groschupf interviews Anil Chakravarthy, acting CEO of Informatica, in a series of posts on his blog, Big Data & Brews. The two executives discuss security in the cloud, data infrastructure, schemas, and the future of data. There are four installments as of this writing, but it was an exchange in the second iteration, “Big Data Brews: Part II on Data Security with Informatica,” that captured our attention. Here’s Chakravarthy’s summary of the challenge now facing his company:
Stefan: From your perspective, where’s the biggest growth opportunity for your company?
Anil: We look at it as the intersection of what’s happening with the cloud and big data. Not only the movement of data between our premise and cloud and within cloud to cloud but also just the sheer growth of data in the cloud. This is a big opportunity. And if you look at the big data world, I think a lot of what happens in the big data world from our perspective, the value, especially for enterprise customers, the value of big data comes from when they can derive insights by combining data that they have from their own systems, etc., with either third-party data, customer-generated data, machine data that they can put together. So, that intersection is good for, and we are a data infrastructure provider, so those are the two big areas where we see opportunity.
It looks like Informatica is poised to make the most of the changes prompted by cloud technology. To check out the interview from the beginning, navigate to the first installment, “Big Data & Brews: Informatica Talks Security.”
Informatica offers a range of data-management and integration tools. Though the company has offices around the world, they maintain their headquarters in Redwood City, California. They are also hiring as of this writing.
Cynthia Murrell, November 26, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Do Not Go Gently into That Dark Web
November 26, 2015
The article titled Don’t Toy With The Dark Web, Harness It on Infoworld’s DarkReading delves into some of the misconceptions about the Dark Web. The first point the article makes is that a great deal of threats to security occur on the surface web on such well-known sites as Reddit and social media platforms like Instagram. Not only are these areas of the web easier to search without Tor or I2P, but they are often more relevant, particularly for certain industries and organizations. The article also points out the harm in even “poking around” the Dark Web,
“It can take considerable time, expertise and manual effort to glean useful information. More importantly, impromptu Dark Web reconnaissance can inadvertently expose an organization to greater security risks because of unknown malicious files that can infiltrate the corporate network. Additionally, several criminal forums on the Dark Web utilize a “vouching” system, similar to a private members club, that might require an investigator to commit a crime or at least stray into significantly unethical territory to gain access to the content.”
A novice could easily get into more trouble than they bargained for, especially when taking receipt of stolen goods is considered a felony. Leave the security work to professionals, and make sure the professionals you employ have checked out this Dark Web reading series.
Chelsea Kerwin, November 26, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
ACA Application Process Still Vulnerable to Fraudulent Documents
November 20, 2015
The post on Slashdot titled Affordable Care Act Exchanges Fail to Detect Counterfeit Documentation relates the ongoing issue of document verification within the Affordable Care Act (ACA) process. The Government Accountability Office) GAO submitted fake applications to test the controls at the state and federal level for application and enrollment in the ACA. The article states,
“Ten fictitious applicants were created to test whether verification steps including validating an applicant’s Social Security number, verifying citizenship, and verifying household income were completed properly. In order to test these controls, GAO’s test applications provided fraudulent documentation: “For each of the 10 undercover applications where we obtained qualified health-plan coverage, the respective marketplace directed that our applicants submit supplementary documentation we provided counterfeit follow-up documentation, such as fictitious Social Security cards with impossible Social Security numbers, for all 10…”
The GAO report itself mentions that eight of the ten fakes were failed at first, but later accepted. It shows that among the various ways that the fake applications were fraudulent included not only “impossible” Social Security Numbers, but also duplicate enrollments, and lack of employer-sponsored coverage. Ultimately, the report concludes that the ACA is still “vulnerable.” Granted, this is why the GOA conducted the audit of the system, to catch issues. The article provides no details on what new controls and fixes are being implemented.
Chelsea Kerwin, November 20, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Facebook Acts in Its Own Best Interest
November 19, 2015
The article titled Petition: Facebook Betrayed Us By Secretly Lobbying for Surveillance Bill on BoingBoing complains that Facebook has been somewhat two-faced regarding privacy laws and cyber surveillance. The article claims that Facebook publicly opposed the Cybersercurity Information Sharing Act (CISA) while secretly lobbying to push it through. The article explains,
“Facebook has come under public fire for its permissive use of user data and pioneering privacy-invasive experiments in the past. They have also supported previous versions of the cybersecurity info-sharing bills, and their chief Senate lobbyist, Myriah Jordan, worked as General Counsel for CISA’s sponsor, Senator Richard Burr, immediately before moving to Facebook. Facebook has declined to take a public position on CISA, but in recent days sources have confirmed that in fact Facebook is quietly lobbying the Senate to pass it.”
This quotation does beg the question of why anyone would believe that Facebook opposes CISA, given its history. It is, after all, a public company that will earn money in any acceptable way it can. The petition to make Facebook be more transparent about its position on CISA seems more like a request for an apology from a company for being a company than anything else.
Chelsea Kerwin, November 19, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Icann Is an I Won’t
November 16, 2015
Have you ever heard of Icann? You are probably like many people within the United States and have not heard of the non-profit private company. What does Icann do? Icann is responsible for Internet protocol addresses (IP) and coordinating domain names, so basically the company is responsible for a huge portion of the Internet. According to The Guardian in “The Internet Is Run By An Unaccountable Private Company. This Is A Problem,” the US supposedly runs the Icann but its role is mostly clerical and by September 30, 2015 it was supposed to hand the reins over to someone else.
The “else” is the biggest question. The Icann community spent hours trying to figure out who would manage the company, but they ran into a huge brick wall. The biggest issue is that the volunteers want Icann to have more accountability, which does not seem feasible. Icann’s directors cannot be fired, except by each other. Finances are another problem with possible governance risks and corruption.
A supposed solution is to create a membership organization, a common business model for non-profits and will give power to the community. Icann’s directors are not too happy and have been allowed to add their own opinions. Decisions are not being made at Icann and with the new presidential election the entire power shift could be off. It is not the worst that could happen:
“But there’s much more at stake. Icann’s board – as ultimate authority in this little company running global internet resources, and answerable (in fact, and in law) to no one – does have the power to reject the community’s proposals. But not everything that can be done, should be done. If the board blunders on, it will alienate those volunteers who are the beating heart of multi-stakeholder governance. It will also perfectly illustrate why change is required.”
The board has all the power and the do not have anyone to hold them accountable. Icann directors just have to stall long enough to keep things the same and they will be able to give themselves more raises.
Whitney Grace, November 16, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Google Takes Aim at Internet Crime
November 12, 2015
Google has a plan to thwart Internet crime: make it too expensive to be worth it. The company’s Online Security Blog examines the issue in “New Research: The Underground Market Fueling For-Profit Abuse.” The research was presented last June at the Workshop on the Economics of Information Security 2015; I recommend those interested check out the full report here.
The post describes the global online black market that has grown over the last ten years or so, where criminals trade in such items as stolen records, exploit kits, scam hosting, and access to compromised computers. The profit centers which transfer the shady funds rest upon an infrastructure, the pieces of which cost money. Google plans to do what it can to increase those costs. The write-up explains:
“Client and server-side security has dominated industry’s response to digital abuse over the last decade. The spectrum of solutions—automated software updates, personal anti-virus, network packet scanners, firewalls, spam filters, password managers, and two-factor authentication to name a few—all attempt to reduce the attack surface that criminals can penetrate. While these safeguards have significantly improved user security, they create an arms race: criminals adapt or find the subset of systems that remain vulnerable and resume operation.
“To overcome this reactive defense cycle, we are improving our approach to abuse fighting to also strike at the support infrastructure, financial centers, and actors that incentivize abuse. By exploring the value chain required to bulk register accounts, we were able to make Google accounts 30–40% more expensive on the black market. Success stories from our academic partners include disrupting payment processing for illegal pharmacies and counterfeit software outlets advertised by spam, cutting off access to fake accounts that pollute online services, and disabling the command and control infrastructure of botnets.”
Each of the links in the above quote goes to an in-depth paper, so there’s plenty of material to check out there. Society has been trying for centuries to put black markets out of business. Will the effort be more successful in the virtual realm?
Cynthia Murrell, November 12, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Amazon Punches Business Intelligence
November 11, 2015
Amazon already gave technology a punch when it launched AWS, but now it is releasing a business intelligence application that will change the face of business operations or so Amazon hopes. ZDNet describes Amazon’s newest endeavor in “AWS QuickSight Will Disrupt Business Intelligence, Analytics Markets.” The market is already saturated with business intelligence technology vendors, but Amazon’s new AWS QuickSight will cause another market upheaval.
“This month is no exception: Amazon crashed the party by announcing QuickSight, a new BI and analytics data management platform. BI pros will need to pay close attention, because this new platform is inexpensive, highly scalable, and has the potential to disrupt the BI vendor landscape. QuickSight is based on AWS’ cloud infrastructure, so it shares AWS characteristics like elasticity, abstracted complexity, and a pay-per-use consumption model.”
Another monkey wrench for business intelligence vendors is that AWS QuickSight’s prices are not only reasonable, but are borderline scandalous: standard for $9/month per user or enterprise edition for $18/month per user.
Keep in mind, however, that AWS QuickSight is the newest shiny object on the business intelligence market, so it will have out-of-the-box problems, long-term ramifications are unknown, and reliance on database models and schemas. Do not forget that most business intelligence solutions do not resolve all issues, including ease of use and comprehensiveness. It might be better to wait until all the bugs are worked out of the system, unless you do not mind being a guinea pig.
Whitney Grace, November 11, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Drone and Balloon WiFi Coming to the Sky near You
November 10, 2015
Google and Facebook have put their differences aside to expand Internet access to four billion people. Technology Review explains in “Facebook;s Internet Drone Team Is Collaborating With Google’s Stratospheric Balloons Project” how both companies have filed documented with the US Federal Communications Commission to push international law to make it easier to have aircraft fly 12.5 miles or 20 kilometers above the Earth, placing it in the stratosphere.
Google has been working on balloons that float in the stratosphere that function as aerial cell towers and Facebook is designing drones the size of aircraft that are tethered to the ground that serve the same purpose. While the companies are working together, they will not state how. Both Google and Facebook are working on similar projects, but the aerial cell towers marks a joint effort where they putting aside their difference (for the most part) to improve information access.
“However, even if Google and Facebook work together, corporations alone cannot truly spread Internet access as widely as is needed to promote equitable access to education and other necessities, says Nicholas Negroponte, a professor at MIT’s Media Lab and founder of the One Laptop Per Child Project. ‘I think that connectivity will become a human right,’ said Negroponte, opening the session at which Facebook and Google’s Maguire and DeVaul spoke. Ensuring that everyone gets that right requires the Internet to be operated similar to public roads, and provided by governments, he said.”
Quality Internet access not only could curb poor education, but it could also improve daily living. People in developing countries would be able to browse information to remedy solutions and even combat traditional practices that do more harm than good.
Some of the biggest obstacles will be who will maintain the aerial cell towers and also if they will pose any sort of environmental danger.
Whitney Grace, November 10, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
CEM Platform Clarabridge 7 Supports Silo Elimination
November 10, 2015
The move to eliminate data silos in the corporation has gained another friend, we learn in Direct Marketing News’ piece, “Clarabridge Joins the Burn-Down-the-Silos Movement.” With their latest product release, the customer experience management firm hopes to speed their clients’ incorporation of business intelligence and feedback. The write-up announces:
“Clarabridge today released Clarabridge 7, joining the latest movement among marketing tech companies to speed actionability of data intelligence by burning down the corporate silos. The new release’s CX Studio promises to provide users a route to exploring the full customer journey in an intuitive manner. A new dashboard and authoring capability allows for “massive rollout,” in Clarabridge’s terms, across an entire enterprise.
“Also new are role-based dashboards that translate data in a manner relevant to specific roles, departments, and levels in an organization. The company claims that such personalization lets users take intelligence and feedback and put it immediately into action. CX Engagor expedites that by connecting business units directly with consumers in real time.”
We have to wonder whether this rush to “burn the silos” will mean that classified information will get out; details germane to a legal matter, for example, or health information or financial data. How can security be applied to an open sea of data?
Clarabridge has spent years developing its sentiment and text analytics technology, and asserts it is uniquely positioned to support enterprise-scale customer feedback initiatives. The company maintains offices in Barcelona, London, San Francisco, Singapore, and Washington, DC. They also happen to be hiring as of this writing.
Cynthia Murrell, November 10, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
