Re: Linux and the law (May 16)
Timely article and your observations about preferred vendor behaviour to SCO are bang on the mark. Have you had the opportunity to read Eric Raymond’s
essay on this topic?
As always, Eric’s writing is precise, entertaining and entirely germaine to SCO’s ridiculous suit. Imagine Eric Raymond called as an expert witness by IBM? I gladly would pay hard-earned after-tax dollars to be present in that US courtroom!
Take care and keep up the good work.
Re: What doctors don’t know about privacy (May 14)
I am quite confident in stating that the traditional method of paper based records, combined with the open public access, presents a much greater risk to patient confidentiality than one may find with modern electronic health record (EHR) systems.
While I support Dr. Mercer’s diligent approach and zeal for security, your article fails to address any advances or benefits relating to EHR security or systems. As you are most likely well aware, electronic health records offer many advantages: cost savings, increased information access for the medical team and security. If implemented correctly, most EHR systems offer far better protection for patient information than the traditional paper-based file. Audit logs for EHR access and modifications combined with strong database encryption and other security measures are common in most EHR systems. In this regard, I encourage you to have a look at the HIPAA (U.S.) law, that outlines many security practices as they relate to medical information in electronic form. Ontario has a similar legislation though not nearly as thorough.
As a final thought, I would be curious to know if there are any dedicated trained and well informed security personnel watching over paper medical files in an healthcare setting? I would also be curious what your perspective on the article would have been had you spoken to system architects from any EHR company.
Re: What doctors don’t know about privacy (May 14)
I am a software and hardware IT vendor serving the Ontario medical community, and I read your article. It is true that Ontario physicians are not prepared for the IT challenges that face them. This is true of many other professions, not just medicine.
Physicians rely on outside IT assistance in the form of vendors, consultants and software suppliers, as do many other industries. This issue has only really come to a boil as physicians connect their internal networks to public high-speed networks and do so using the same routing and security products home users use such as cable/DSL modems routers/wireless products, potentially exposing the data on their office networks to the outside world, should they misconfigure their security settings by design or mistake. This is a real concern and industry vendors, (Information Technology Association of Canada, the Ontario Medical Association and the various agencies in the Ministries of Health are engaging physicians on a daily basis to educate them and assist them with their IT projects, to promote responsible use of their networks and security.
There are several aspects of this article and quotations used that would lead readers to believe that physicans and the industry are blindly stumbling around creating security holes in medical networks without regard for patient privacy. The tone of the article implies an almost crisis situation. Nothing could be further from the truth.
Firstly, it is incorrect to put forth that remote access to a physician’s network by their IT support personnel is somehow irregular or wrong. IT support personnel in EVERY industry are exposed to their customers sensitive business data to greater or lesser degrees (depending on their roles) on a daily basis.
It is precisely because physicians are highly trained professionals in the field of medicine and at significant manpower shortage, that they routinely rely upon IT expertise to assist them, and this should not be looked upon with suspicion or conspiracy as the article implies. I would challenge you to find and publish a documentable case where a physician’s system was hacked and the patient information published or released.
Vice-president of technology
Advanced Computer Systems Ltd.
Re: What doctors don’t know about privacy (May 14)
I applaud you for bringing some awareness to the serious issues described in this article, but your readers need to know two important points that were missed.
Firstly, technological security measures are not the entire answer to protecting information security and data privacy. Throughout my career I have seen users prove that physical and technological protection is useless when the users themselves have no idea what to do and what not to do — with the system, equipment, and the information. Urging people to invest in more or better technology can be dangerously misleading since technology alone is inadequate to protect information and privacy.
Secondly, there was no mention of existing and impending legislation that require health related, medical, and other personally-identifiable information to be kept private — leaving readers to remain blissfully unaware and vulnerable.
I am quite familiar with these issues since our company is dedicated to helping people and organizations identify and assess their information security and privacy risks — from the perspective of people and the impact that people can have on technology, privacy, and information.
Project Scope Solutions Group
Re: Monopoly a risky game for telecom sector: Call-Net (May 14)
It is most frustrating that the regulatory regime in Canada is so out of step with reality, that the system is ineffective, and while everyone agrees that immediate remedies are necessary to save the fledgling competitive sector, the mechanism to get there does not work.
Everyone agrees that the best telecom industry structure is “”sustainable competition.”” It took me, and Call-Net supporters, seven years (1985 – 1992) to prove it. The Telecom Act says so, the CRTC policy supports it, and government-stated policy endorses it.
However, the facts show that Canada’s telecom industry, after 11 years of “”official”” competitiveness has failed to produce a sustainable competitive structure. Why? Because the system’s regulatory process is not workable. Since 1992, when the ground rules for competition were set, the new entrants had to prove to the CRTC, through applications, that the incumbents are breaking the rules and taking advantage of lack of supervision of the rules and lack of enforcement of the rules. The onus of proof lies with the fledgling new entrants. It is up to them to prove the obvious in prolonged proceedings, despite the statistics generated by the government, which show that competition is failing. (The incumbents still own 90 per cent of the telecom market.)
There could only be two reasons for this failure:
1. The 1992 and subsequent CRTC rules are inadequate to sustain competition, and 2. that the incumbent carriers broke the rules and continuously ignored the basic principles and intent of “”sustainable competition”” by taking advantage of their dominance.
In either case, the onus of proof is on the wrong party.
By responding to applications (today’s preferred method of review) the Commission has created a bottleneck of applications, which causes huge delays in the implementation of well-deserved proposed remedies for sustainable competition. The delays benefit the incumbents and remedies often come too late for the new entrants.
During the last 11 years it has been proven over and over that the rules were inadequate and needed change. Yet, the process, fraught with delays and further battles through numerous proceedings always work to the benefit of the incumbents as they gained time to enhance their dominance based on the old rules. If the CRTC had called it right in the first place and had not paralyzed new entrants with enormous fees and contributions for the benefit of the incumbents, we would not have today’s fiasco whereby only three or four out of 20 new entrants survived and billions of investment dollars were lost.
(Founder, Call-Net Enterprises)
Re: We need another hero (May 14)
I could not agree with you more. Prior to my current position, I held the position of IT administrator and communications coordinator for a charity. The charity never had the capital to provide me with the upgrading skills I need to stay current. I have been doing this for 20 years now. In the process I have been constantly looking for a mentor, but never did I find one. There was hope for a while in one aspect of my career. I joined a WebMaster’s Guild that promised mentoring as part of its aspect. For a while the guild flourished and I even found myself elected to the Board. The problem was the guild over-promised and under-delivered on the mentoring and as a result the Guild failed.
No matter how much we learn, an IT person has so much more they need to know. If ever such a mentoring hero arises, please let me know because I will be the first in line. And if I had IT staff, I would gladly mentor them. More likely I will probably pass the baton of CIO to someone younger and with more certifications than I have and concentrate on my CMO responsibilities.
Re: The flip side (May 5)
You posed the question: “”Do we become more efficient though better products, or by becoming better users?””
A cynical answer is that the easier it is to do something, the easier it is to do it badly. Products these days tend to attempt to hide all the messy details, so that one doesn’t have to know anything about how they actually work. Therefore, there is not much incentive to be a better user. So the only gain in efficiency, for the masses, will come about because the products they use become faster and faster.
One must be as good a user as possible to get the most out of the products we use — but it isn’t going to happen!
Are you nuts? Since 2000 over 80,000 IT workers have been let go in Canada. Most of them are now working in totally unrelated fields and at bottom salaries. The real number of unemployed workers is probably higher. In Kanata over 1,000 former Nortel, Alcatel, etc. employees have had to declare personal bankruptcy. In Kanata, over 1,000 unemployed IT workers attend weekly group therapy sessions to console one another. In addition most IT students cannot find jobs. Your writers may not know this but students and teachers do. Enrolment in IT related field has thus dropped drastically. Every student is scrambling to find something else which might serve as a career to get them through life. None of these people, formerly employed or in school, are trained for large versus small companies. They learn skills like accounting, programming, electronics, etc. I am sorry but there is no such thing as a academic program directed at larger firms.
The only things taught are generic skills and there is more than an ample supply of these. Ron McLean at York is completely out of touch on this issue. And, as for Pierre-Paul Allard (president of Cisco Systems of Canada), he just wants to find a kid with a billion dollar idea who lacks the business savvy to see it. Nothing has changed in this regard.
Letters to the editor must include the writer’s name and company name along with an e-mail address or other contact information. All letters become the property of ITBusiness.ca. Editors reserve the right to edit submissions for length and content.