Network Computing is part of the Informa Tech Division of Informa PLC

Feds Reach Out and Touch IT

But don't be shortsighted. Look into encrypting private information in your databases and files. It makes good business sense, and your customers will be more confident in their relationship with you. Besides, we predict that the federal government will follow California's lead because if it does not, enterprises may face a patchwork of 50 different state laws. That would be bad for business. And at the very least, 1386 shows that one state recognizes who owns personal information and who should be informed when it is compromised.

You might expect IT managers to roll their eyes at the mention of new government regulations that force them to retrofit or even overhaul their systems. But some health-care industry IT practitioners say changes mandated by HIPAA are just what the doctor ordered.

The regulations that are part of the Health Insurance Portability and Accountability Act have raised awareness about IT security and privacy best practices, and they're driving transaction-format standards that are sorely needed. They've also forced insurers and health-care providers to set aside their age-old animosity and together devise plans for compliance.

IT pros on both the payer and provider sides of the fence agree that HIPAA has forced a re-evaluation of virtually every system under their control, not just patient databases. For example, Children's Hospital Boston, the largest pediatric medical center in the United States, wants to take advantage of the new HIPAA-inspired standards to swap more X-rays and diagnostic reports electronically with other medical providers, but few provider systems can accommodate the Netscape back end to its iPlanet e-mail system. So the hospital is moving 1,000 users to Microsoft Exchange by October 7. HIPAA "wasn't the only driver," says Children's CTO Scott Ogawa. "But it factors heavily."

Bruce Peck, information security manager at St. Vincent Hospital in Indianapolis, says HIPAA has strengthened his case for security improvements throughout the 1,200-bed facility. Peck's wish list has long included an authentication system that would let physicians sign on once via remote connections to all the applications that handle patient and lab data. Since these doctors are unaffiliated with the hospital and can choose any facility for their patients, it makes good business sense to attract them with such a system.

If the business case wasn't a good enough argument to add SecurID tokens from Security Dynamics Technologies and single sign-on management software from Computer Associates, the clincher was the HIPAA privacy rules that took effect in April. They require that employees have only enough access to patient data to do their jobs, and no more. For St. Vincent Hospital, role-based authentication was the solution.