Group items tagged

Further proof that LA has it head in the clouds - A plan to overhaul the city of Los Angeles' computer system is raising concerns about the security of confidential information. The nation's second-largest city is considering dumping its in-house computer network for Google Inc. e-mail and office programs that are accessed over the Internet. But the city police union says it doesn't have enough information to determine if sensitive witness and investigation files will be secure from hackers. Google spokeswoman Aviva Gilbert says security "is built into the DNA of our products."

A plan to overhaul the city of Los Angeles' computer system is raising concerns about the security of confidential information. The nation's second-largest city is considering dumping its in-house computer network for Google Inc. e-mail and office programs that are accessed over the Internet. But the city police union says it doesn't have enough information to determine if sensitive witness and investigation files will be secure from hackers. Google spokeswoman Aviva Gilbert says security "is built into the DNA of our products."

"Part one of a two-part series: Facebook, the global phenomenon in Web-based social media, rolled out a massive overhaul of its privacy protection policies and technology this week-and in so doing may have drawn up a playbook for healthcare as well, industry experts say. The privacy upgrade gives its 350 million worldwide users increased control over who has access to some of, but not all, the information on their personal pages. These new, so-called "granular" controls-specifically those embedded in the site's "publisher" function, which enables a user to post new material to his or her Facebook pages-reach down to the level of discrete data elements. The new controls, for example, allow a user to restrict who gets to see each newly posted photo or typed comment"

"The U.S. Supreme Court Monday will hear arguments for and against the constitutionality of the oversight board established to monitor public company financial activity as part of the Sarbanes-Oxley regulation. The Sarbanes-Oxley Act was created and enacted into law partly in response to corporate accounting scandals such as Enron and WorldCom. The regulatory standard set out to reduce such fraudulent financial activities and provide an oversight mechanism for public companies. Part of the law includes the establishment of the Public Company Accounting Oversight Board (PCAOB), which consists of five members appointed by the Securities and Exchange Commission (SEC). The arguments to be heard this week relate directly to the PCAOB. While set up to regulate financial accounting at companies, those opposed to the board's powers argue that because its members are not appointed by the president, the board's control is unconstitutional based on the country's tenets of three branches of government. The challengers to the law say that the PCAOB lacks the presidential control required for executive branch agencies because the five members are appointed by the SEC, which doesn't fall under presidential powers. As a private agency in essence, the PCAOB is able to act as a government authority, which the Free Enterprise Fund believes to be unconstitutional. "

In a move that could reshape the federal government's cybersecurity efforts, President Obama on Monday said a former Booz Allen consultant would conduct an immediate two-month review of all related agency activities. The announcement indicates that the White House's National Security Council may wrest significant authority away from the U.S. Department of Homeland Security, which weathered withering criticism last fall for its lackluster efforts. Obama selected Melissa Hathaway, who worked for the director of national intelligence in the Bush administration and was director of an multi-agency "Cyber Task Force," to conduct the review with an eye to ensuring that cybersecurity efforts are well-integrated and competently managed. "The president is confident that we can protect our nation's critical cyber infrastructure while at the same time adhering to the rule of law and safeguarding privacy rights and civil liberties," said John Brennan, the president's homeland security adviser. Hathaway's appointment comes as Obama plans to overhaul the National Security Council, expanding its membership and effectively centralizing more decision-making in the White House staff. That would vest more authority in a staff run by James L. Jones, a former Marine Corps commandant who warned at a speech in Munich over the weekend that terrorists could use "cyber-technologies" to cause catastrophic damage. During a panel discussion that CNET News wrote about last fall, Hathaway defended Homeland Security's efforts to develop what it called a National Cyber Security Initiative, saying there was "unprecedented bipartisan support" for it. "Over the past year cyber exploitation has grown more sophisticated, more targeted, and we expect these trends to continue," she added. "Our cybersecurity approach to date has not kept up with the threats we've seen."

A leading technology advisor to President Obama said in a research note for his investment firm today that privacy and net neutrality will be among the biggest telecommunications issues facing the Federal Communications Commission and the administration going forward. Analyst Blair Levin, who was the co-lead of Obama's technology and innovation team along with nominated FCC Chair Julius Genachowski, wrote in a Stifel Nicolaus research note that the economic crisis and change of administration will shift the focus of telecom policy away from traditional phone companies to "Internet/edge" players. Indeed, Google and other Web video and voice companies like Skype have been increasingly active in recent years at the FCC, pushing particularly for net neutrality rules that would prevent carriers from blocking or charging more for certain content that travels over the Web. Levin said in a note that net neutrality will emerge again as an issue in the new administration for wireless networks. On the other hand, there won't likely be a push for new net neutrality rules for cable, DSL, and fiber network carriers at the FCC. "(There is a) consensus emerging that disputes about whether a wireline network management tool is 'reasonable' (or is actually blocking or degrading traffic) to be resolved on a case-by-case basis," Levin wrote in the note with analysts Rebecca Arbogast and David Kaut. It would be a tough climb to impose rules that force wireless carriers to open their networks. Apple and AT&T successfully argued to lawmakers and regulators to keep their exclusive iPhone contract. Skype's petition to the FCC to force carriers to allow any handset or software to operate on any network was shot down by former FCC Chairman Kevin Martin. He said the biggest "sleeper" issue will be privacy. With a major overhaul of healthcare records to the Web, the rise in behavioral advertising and cloud computing, where information is stored in computers strung across many geographies

Electronic medical recordkeeping may not cut the overall cost of care, but by eliminating redundant procedures and reducing errors, quality may be improved. When physician Andrew Wiesenthal needs to work out a problem, he runs around Lake Merritt, across the street from his Oakland (Calif.) office at Kaiser Permanente. As one of the main drivers behind Kaiser's decades-long, multibillion-dollar effort to overhaul the way patient health records are kept, Wiesenthal has had a lot of laps to run. Doctors and other medical professionals across the country will be working through similar challenges in the coming years. President Barack Obama plans to spend $17.2 billion to induce care providers to maintain patient records electronically, scrapping the current paper-based system. The Obama Administration wants electronic health records for every American by 2014. Obama's predecessor also made a big push for electronic recordkeeping, and many doctors and hospital administrators see upgrading recordkeeping as a good way to improve care. Yet, fewer than 2% of acute care hospitals have a comprehensive electronic health record system in place, with another 8% to 12% using a basic system, according to a study published by The New England Journal of Medicine in March. Adoption isn't much better among physicians. Only 4% have a comprehensive system in place, with another 13% using basic systems, according to a study published in the journal in July. Kaiser Permanente is one of the few exceptions. Today, all of its medical clinics and two-thirds of its hospitals operate in a paperless environment and the rest are scheduled to be completely digitized by next year. Across the system, about 14,000 physicians access electronic medical records for 8.7 million patients in nine states and the District of Columbia.

President Barack Obama's plan to overhaul U.S. infrastructure includes constructing a nationwide "smart grid" that promises to help address many of our current energy challenges. The smart grid plan offers the hope that it "will save us money, protect our power sources from blackout or attack, and deliver clean, alternative forms of energy to every corner of our nation." While these are noble societal goals, smart grid technologies and systems as envisioned also raise concerns about individual privacy rights. Part of what makes the smart grid "smart" is its ability to know a lot about the energy-consuming devices in our homes and to monitor activity for those devices to help determine when power should be used or limited. Such knowledge is useful in regulating power consumption to use energy more efficiently. In addition to reaching into homes to regulate devices, information about usage and activities could be extracted from homes. Home energy consumption patterns could be gathered and analyzed on a room-by-room and device-by-device basis to determine which devices are used and at what time of day. Although this sort of information may not be considered terribly invasive for some, for others anything that violates the sanctity of "home" may cause tremendous concern.

The United States' 35-year-old federal privacy law and related policies should be updated to reflect the realities of modern technologies and information systems, and account for more advanced threats to privacy and security, according to a report sent today to OMB Director Orszag. In its 40-page paper, the National Institute of Standards and Technology's Information Security and Privacy Advisory Board calls for Congress to amend the 1974 Privacy Act and provisions of the 2002 E-Government Act to improve federal privacy notices; clearly cover commercial data sources; and update the definition of "system of records" to encompass relational and distributed systems based on government use of records, not just its possession of them. The panel included technology experts from industry and academia. The panel wants heightened government leadership on privacy and suggests the hiring of a full-time chief privacy officer at OMB and regular Privacy Act guidance updates from the office. Chief privacy officers should be hired at major agencies and a chief privacy officers' council should be created, much like the Chief Information Officers' Council that is chaired by OMB's e-government and IT administrator.

Senate Judiciary Chairman Patrick Leahy (D-Vt.) has reintroduced a data breach bill that would set tougher rules for government agencies and private sector firms regarding consumers' personal information. This will be the third time around the block for the Personal Data Privacy and Security Act, which has cleared the Judiciary Committee, but never come to a vote on the Senate floor. The bill would preempt the more than 40 state laws laying out requirements for notifying consumers in the event of a data breach, a long-deferred legislative goal that has the general support of the IT industry. But Leahy's bill is about more than just data breaches. Among other things, it would set baseline security information standards for government agencies, something that the Obama administration has begun to work on with the early steps of an overhaul of the government's cybersecurity apparatus. "This is a comprehensive bill that not only deals with the need to provide Americans with notice when they have been victims of a data breach, but that also deals with the underlying problem of lax security and lack of accountability to help prevent data breaches from occurring in the first place," Leahy said in a statement. "Passing this comprehensive data privacy legislation is one of my highest legislative priorities as Chairman of the Judiciary Committee."

"Facebook CEO Mark Zuckerberg has just written an open letter to Facebook users regarding a privacy overhaul that is due to hit the site in the next few weeks. Soon, users will be able to selectively choose, on a per-post basis, who can see the content they post to the site. Facebook is also going to remove regional networks entirely, largely because some of those networks (like China) consist of millions of users, which makes them useless from a privacy standpoint. If these changes sound familiar, it's because Facebook actually announced them way back in July. Zuckerberg also notes that Facebook now has 350 million users ? it has added a whopping 50 million of them in the last two and a half months. Alongside the regional network change, privacy controls will be simplified. As Facebook rolls out the new privacy settings, users will be presented with a page designed to walk them through the new options. Depending on your current privacy level, Facebook will make recommendations, though you'll be able to change them as usual. "

Current government rules do too little to protect the privacy of people's personal health information and also hinder the use of health data in medical research, a panel of experts reported on Wednesday. A committee of the Institute of Medicine, which provides advice to U.S. policymakers, urged Congress to take an entirely new approach to protecting personal health data in research. Federal standards for protecting privacy of personal health data under the Health Insurance Portability and Accountability Act of 1996, or HIPAA, are not doing the job, the panel said. Congress and the Obama administration are planning major changes this year to the U.S. health care system. Regarding the privacy rules, Congress should either start from scratch or thoroughly overall HIPAA's privacy provisions, the panel said. Better data security is needed, with greater use of encryption and other security techniques, the panel said. Encryption should be required for laptops, flash drives and other devices containing such data, it said. "Both privacy and health research are important. And we feel that we can strengthen privacy protections for people who participate in research while also allowing important research to proceed without unnecessary impediments," Dr. Bernard Lo of the University of California San Francisco, a member of the panel, told reporters. HIPAA governs how personally identifiable health information can be used and disclosed by health plans, health care providers and others. The intention is to protect personal health information while permitting the flow of information for health-related research and medical care. Lo said HIPAA has burdensome and confusing procedures for people to consent to have their health data used in medical research, dissuading people from taking part in such research.