mHealth: What’s In It For Doctors?

mHealth: What’s In It For Doctors?

Although not true for all practitioners—getting physicians to adopt new technologies is like getting people to leave their cars at home and take mass transit. Commuters want to see a clear benefit to taking the bus; “saving the planet” usually is too abstract. If it takes twice as long to get anywhere, and you can’t stop at the grocery on the way, you will stick to your car to get around. Likewise, doctors want to see how the effort and expense of yet another technology initiative will benefit them before they get on board.

Mobile health, or “mHealth,” is no exception. MHealth leverages mobile devices, such as smartphones and tablet computers, so that doctors can collect, store, and analyze health information more readily, and access applications that can assist with diagnosis or the selection of treatment options. It sounds great, and various mHealth technologies and applications are already making a difference in parts of the world that lack ready access to mainstream healthcare. But in industrialized nations, doctors—many of whom, according to a 2015 survey, are already dissatisfied with the environment in which they work—see mHealth as another expensive, time-consuming initiative with no immediate benefit.

mHealth: What’s In It For Doctors?

And they’re right. The value of an information system lies not in the amount of data in the system, nor the ease with which it got there, but the analysis and interpretation of the data—that is, the ability to gain knowledge and insight, and to decide from the data. The trouble is, it takes time to accumulate enough data to make meaningful inferences. Until that happens, mHealth is little more than a data entry tool, which many practitioners already have in some form or fashion.

So what can be done to get physicians to adopt mHealth?

Here’s a crazy idea: Ask the doctors. Find out where their pain points are—that is, what areas of seeing patients, understanding symptoms, performing tests, making diagnoses, and formulating treatments are too time consuming, too cumbersome, or too unreliable, and how technology could help find problems that the mobile platform is best suited to solve. Get the requirements and set up partnerships between the doctors and the app developers. That way, the physicians drive innovation that makes their working lives easier, rather than “innovation” driving them…up the wall.

(Granted, getting medical device software approved for distribution in the U.S. is an arduous task involving clinical trials and other regulatory hurdles, but at least the efforts would be towards something that will, upon release, have an immediate benefit.)

The idea is to give physicians solutions to their problems that take advantage of the mobile platform, to do things they can’t do well (or easily, or at all) with their current technologies. Small, focused solutions that make an immediate impact will see quicker adoption than large, expensive, ambiguous projects with little clear short-term benefit.

In this way, mHealth can get momentum and support from medical practitioners, and the medical community can work its way up to the comprehensive, integrated system that many mHealth proponents envision. It might take more time to get there, but the journey will be much more fruitful.

Dean Van Dyke iBridge LLC

Written by Dean Van Dyke, Vice President, Business Process Optimization

Dean Van Dyke is the Vice President of Business Process Optimization for iBridge. He brings more than 18 years of customer relations, business process outsourcing, lean six sigma, program/project management, records management, manufacturing, and vendor management experience to iBridge. Mr. Van Dyke was the former head of Microsoft’s corporate records and information management team, and served honorably for over fourteen years in the U.S. Navy and Army National Guard. He received his Bachelor of Science in Business Administration from the University of South Dakota and his Master’s in Business Administration from Colorado Technical University.

iBridge Newsletter7 Things About Medical Identity Theft Healthcare Executives Need to Know

Innovation in the Legal World and the Need for a New Perspective

Innovation in the Legal World and the Need for a New Perspective

In the wake of several high profile data breaches that have recently occurred, the public eye has turned its crosshairs on the outdated technology and clichéd business practices that exist in the legal world.

Legal firms have tried to keep up with the developing technological needs of their industry, but their efforts have traditionally fallen short. With practices deeply rooted in tradition and held sacred by many lawyers, innovation in the legal world is scarce.

Law as Business

The most recent Inside Counsel SuperConference held on May 12th of this year discussed the need for technological improvements in the legal world, with many industry insiders agreeing that law firms must function more as businesses and apply a new mindset to the way they handle in-house counsel.

Legal firms on the cutting edge have already been using technology to inform their legal practice in the same ways that businesses have. By gathering data on legal competition and using predictive analytics to measure future outcomes, firms have received an enhanced level of insight into the legal process that outdated firms can’t match. Pairing these business practices with in-house legal goals means better informed lawyers, more prepared counsel, and a stronger overall firm.picjumbo.com_9814538046_86523fdb81_o

“Technology is pervasive,” said David Cambria, global director of operations and government relations at Archer Daniels Midland Company. “I think you are going to see a lot of adoption of technologies or ideas in lot of places …Innovation is a message that resonates with any business.”

Developing Innovation

Lawyers entering the industry fresh out of law school bring with them changing trends for the legal world.

Many of the practicing lawyers received their education well before the advent of the Internet, creating a legal environment where new and innovative technology isn’t prioritized. However, young lawyers whose legal training went hand-in-hand with technology use are bringing changes to the way legal counsel is handled though social media outreach, more efficient data management, and productivity-saving applications.

While firms resistant to change may hold off on implementing new technology until they can verify its efficacy, they may find that by the time they’re ready for change, they’re already too late. Early adoption is a key part of innovation. Technology is developing fast, and legal firms that don’t want to fall behind must stay ahead of the curve.

Our endeavor at iBridge is to provide a forum for firm leadership to dialogue as they weigh transformation strategies. While it easy for someone from the outside to preach on change, facilitating change while keeping the firm solvent and growing is difficult. We can offer counsel and guide the process. Contacting us or calling us at 888.490.3282 is the first step in the right direction.

Desh Urs iBridge LLC

Written by Desh Urs

As a Vice President of Global Sales, Services, and Marketing at Silicon Graphics, Inc., Urs managed engineering and non-engineering functions, developing solutions in sciences, telecommunications, manufacturing, media, business, and defense intelligence, for companies with revenues of several billion dollars. During his tenure as Vice President at Think Tools AG and Brio Technology, Inc., he ran business development and alliances providing solutions in Business Intelligence and Decision Cycle Management to Global 100 corporations worldwide. In the late 1980s, Urs founded Indus Systems, Inc., which he profitably sold to a systems integration company.

Urs serves on several Advisory Boards, as well as many company Boards, in the United States and India.

iBridge NewsletterContract Management iBridge LLC

How Big Data Complexity Is Redefining Legal Tech

How Big Data Complexity Is Redefining Legal Tech

The volume of data accumulated daily in any law practice is massive, and continues growing annually. This, combined with the increase in technological evolution seen in the legal industry, are together reshaping the face of daily business within a law firm. But is technology changing the legal space, or is the legal industry affecting the development of legal technology instead?2M1AXEU9Q2

The Chicken or Egg Argument

The age-old question over which came first for the chicken and the egg has a lot in common with technology vs. legal industry debate. Unlike chickens, though, technology and transformation within the legal industry take place simultaneously, with each mutually informing the other.

New tech entrants into the marketplace focus on legal disruption, responding to the drive from clients. Changing the way resources are structured takes priority. This not only involves concerns over the sheer volume of data accumulating, but also the increased complexity in keeping up with regulations and compliance mandates.

Data does not exist in a vacuum. For law firms particularly, data must be filtered in a usable way, converting raw information to knowledge. This is just as true for gap analysis during contract management as it is for fact development for a case. A greater understanding must be reached about the best way to collect and manage data within an organization, adopting an approach that works for the daily needs of the business.

One Size Does Not Fit All

None of this should imply there is a “one-size-fits-all” solution for big data management. Instead, the solution lies in implementing various tools and platforms that are flexible enough to work for a range of different client needs. Applying the tactics to the concept, document or data at hand accomplishes clients’ goals, as disparate as they may be.

The traditional legal model is cumbersome and time-consuming, qualities that do not lend themselves well to today’s fast-paced working environment. Clients, boards and shareholders want more comprehensive results, and want those results faster. To do this, start by understanding client risks, then draft a solution designed to meet those specific needs.

The legal industry can no longer claim that technology capable of this level of flexibility does not exist. Instead, legal departments must adopt a culture of technology that lends itself to better process management regarding today’s reality of handling big data.

Desh

Written by Desh Urs

Desh Urs brings more than 20 years of entrepreneurial, start-up and Global 500 corporate experience in sales, marketing and general management to the customers of iBridge. He has led sales organizations as SVP at Qsent, Inc. and VP at Acxiom Corporation, and has focused on the usage of data in data distribution, direct marketing, fraud prevention, and law enforcement.

As a Vice President of Global Sales, Services, and Marketing at Silicon Graphics, Inc., Urs managed engineering and non-engineering functions, developing solutions in sciences, telecommunications, manufacturing, media, business, and defense intelligence, for companies with revenues of several billion dollars. During his tenure as Vice President at Think Tools AG and Brio Technology, Inc., he ran business development and alliances providing solutions in Business Intelligence and Decision Cycle Management to Global 100 corporations worldwide. In the late 1980s, Urs founded Indus Systems, Inc., which he profitably sold to a systems integration company.

Urs serves on several Advisory Boards, as well as many company Boards, in the United States and India.

Newsletter-CTA1-1024x129Law-Firms-and-Cyber-Attacks-eBook-CTA-1024x444

At Your Own Peril, Leave Your CIO Out of Your M&A Team

At Your Own Peril, Leave Your CIO Out of Your M&A Team

In the information age, it would seem unthinkable that organizations considering mergers would barely consider the expenses that integrate IT systems, yet this is often the case. With technology a critical part of business in today’s market, what stops law firms from making IT integration a priority during a merger?

An Organized Merger

Whether technology is included or not, combining firms can be a logistics nightmare for communication and productivity. While a merger may succeed in the long term, it can cause serious disruptions in the streamlined infrastructure of two organizations.

Fortunately, there are ways around getting bogged down in the mire of conflicting systems and redundant corporate policies.

Communication

An important aspect of any merger, communication between the two firms is essential during the transition period to increase cooperation and reduce stress along with the associated losses in productivity that come with it.

Having a structured organizational system where jobs are delineated will allow employees to know where they stand with their new positions. Redundancy is a major concern when combining two firms, as both will have employees and policies in place bound to conflict. Being vague about operations or employee expectations will do no one any favors, and can be a serious detriment to productivity and morale.6477358187_dbfa1087fb_b

The IT Influence

Information systems are not placed high on the list of merger priorities. Firms will typically focus on homogenizing corporate culture and recognizing potential conflicts, but will fall short in IT integration. Despite the essential nature of IT support for client interactions and inter-office infrastructure, IT is usually considered only as afterthought.

This can be a challenge for administrators that need time to integrate two competing systems, or adapt pre-existing systems to new protocols. This would be a simpler process if IT protocols were consistent across firms, but often one system will be given higher priority over another, usually with the larger firm overshadowing the smaller.

While it makes sense to have the system with the larger resources take the lead, this strategy can cause well-functioning operating systems being stamped out by larger corporate policies. This might not cause problems in the long run after the larger infrastructure is in place, but that is small consolation to the clients whose business is disrupted by a system overhaul.

Whether one system takes over another or the two networks are fused equally, many costs are associated with integrating two separate IT firms that must not be overlooked when discussing a merger.

Critical Costs

There are several important factors to consider when estimating the financial and personal burden of combining tech systems. Budgets of both firms should be considered to know where investments should be made. Ideally, the firms being merged would have a similar infrastructure and tech goals to optimize where funds would be distributed.

It is common for firms on the edge of a merger to have reduced IT staffing; another unfortunate by-product of the lack of IT prioritization. Knowing which personnel are essential to the infrastructure is key in keeping costs down, which is why include IT in the actual merger discussion from the beginning.

With the heavy burden they have to bear, any firm considering a merger must not make the mistake of bringing IT on board too late, which can lead to ineffective allocation of resources and poorly integrated network systems that disrupt the flow of business.

Desh

Written by Desh Urs

Desh Urs brings more than 20 years of entrepreneurial, start-up and Global 500 corporate experience in sales, marketing and general management to the customers of iBridge. He has led sales organizations as SVP at Qsent, Inc. and VP at Acxiom Corporation, and has focused on the usage of data in data distribution, direct marketing, fraud prevention, and law enforcement.

As a Vice President of Global Sales, Services, and Marketing at Silicon Graphics, Inc., Urs managed engineering and non-engineering functions, developing solutions in sciences, telecommunications, manufacturing, media, business, and defense intelligence, for companies with revenues of several billion dollars. During his tenure as Vice President at Think Tools AG and Brio Technology, Inc., he ran business development and alliances providing solutions in Business Intelligence and Decisions Cycle Management to Global 100 corporations worldwide. In the late 1980s, Urs founded Indus Systems, Inc., which he profitably sold to a systems integration company.

Urs serves on several Advisory Boards, as well as many company Boards, in the United States and India.

Newsletter CTAContract Management eBook CTA

Four Ways Technology Will Improve Healthcare Collections

Four Ways Technology Will Improve Healthcare Collections

Healthcare billing has long been a one-trick pony: services are rendered, a paper bill is printed and mailed, the patient mails a check back. (Or not.) Technology has advanced to where hospitals and other providers have options to make patient payments easier and more convenient, and tools to improve the bill collection success rate. Here are four ways that technology will help healthcare providers and their patients with billing.

Mobile Payment Options

The same demographic that’s becoming more financially responsible for healthcare is younger and accustomed to using mobile devices for everything, including paying for things. Well-designed mobile apps that help patients comply with medication schedules, keep track of exercise and food intake and make it easy to pay healthcare bills will have a positive impact on the collection success rate and patient health.

Female Doctor Holding Phone

Image courtesy of Naypong at FreeDigitalPhotos.net

Patient Web Portals

Imagine a personalized website where a patient can go to view health history, make appointments, learn about procedures and treatments and pay bills all at the same time. Think Amazon, but for a hospital. Such a portal could inform the patient about the price of each procedure, the likely cost of ancillary items (such as medicines and supplies), how much is covered by insurance and what the patient must pay out of pocket.

Nontraditional Payment Options

Taking a cue from other industries, technology will help providers give their patients more options for paying their bills. Payment plans, discounts for paying up front or within a certain period and more will help increase collection success. There may come a day when healthcare providers will accept alternative payments, such as cryptocurrency like Bitcoin. All should be clarified to patients (on their mobile devices and web portals ) so they can choose the option that works the best for them.

Predictive Analytics

Healthcare providers must collect a great deal of personal data from their customers. With the proper analytical algorithms, data analysis can size up new patients and evaluate how likely (and how promptly) they will pay their bills just as accurately as a credit score. Knowing this in advance can help a provider steer patients to payment options that are more likely to succeed.

The healthcare industry is not known for being an early adopter of new technologies; tried and true has been the general rule, whether for new therapies and devices, health records or billing. But as younger patients pay bills, it behooves the industry to innovate and seek new ways to serve its patients. Doing so will improve the results not only for the patients, but for the providers’ bottom lines.

Dean Van Dyke

Written by Dean Van Dyke, Vice President, Business Process Optimization

Dean Van Dyke is the Vice President of Business Process Optimization for iBridge. He brings more than 18 years of customer relations, business process outsurcing, lean six sigma, program/project management, records management, manufacturing, and vendor management experience to iBridge. Mr. Van Dyke was the former head of Microsoft’s corporate records and information management team, and served honorably for over fourteen years in the U.S. Navy and Army National Guard. He received his Bachelor of Science in Business Administration from the University of South Dakota and his Master’s in Business Administration from Colorado Technical University.

Newsletter Sign UpCTA ICD-10 eBook

ASC and iBridge Partner to Solve Growing Contract Management Concern for Data Insight and Utility

ASC and iBridge Partner to Solve Growing Contract Management Concern for Data Insight and Utility

ASC and iBridge have partnered to deliver powerful contract lifecycle management (CLM) solutions, best practice contracting and information management services, and professional services support to customers in the US and India.

Ottawa, Ontario (February 17, 2015) — ASC (Advanced Software Concepts), a leading provider of SaaS and on-premise based contract, document, form, and configure, price and quote (CPQ) management solutions to SMBs and large enterprises, today announced its partnership with iBridge, a leading information management and data services firm.

This partnership will harness the power and versatility of the ASC solution platform and iBridge’s portfolio of information management and data services to offer both public and private sector organizations unparalleled visibility and control of contractual agreements, information assets and associated data. Customers will benefit from advanced contract lifecycle management (CLM) and information management tools that provide them the superior insights needed to take control of revenue-generating opportunities, reduce costs, and mitigate non-compliance and other corporate risks.

The preliminary focus for the partnership will be the US market, particularly in the legal, healthcare, manufacturing, financial, energy, technology, and government domains. This will be followed by market growth efforts in India where both companies have technical centers of excellence. The partnership will leverage ASC’s and iBridge’s complementary service and solution portfolios and their deep domain expertise and global reach to maximize return on investment for our customers.

 

iBridge is an information management and data services company specializing in collecting, organizing, analyzing and interpreting data using a unique blend of human and computer intelligence so that the data provides a true strategic information asset and competitive advantage for customers. By rapidly distilling large data stacks into clear, comprehensive, and simplified result sets for interpretation and use in different industries and applications, iBridge enables customers to quickly react to the changing competitive landscape. In supporting same, they offer additional value-add services such as mobile scanning units to digitize contracts, business process outsourcing services and contract review and data entry services.

ASC provides tailorable CLM solutions and supporting services and lifecycle management solutions for documents, forms, CPQ and other document types and business processes. The company has a proven reputation for delivering feature rich, best practice solutions across industry and around the world. Working with iBridge, ASC will broaden its scope even further with an enriched professional services offering. iBridge clients will benefit from ASC’s strong service and support framework and enterprise-grade solution portfolio which provides industry specific, seamlessly integrated modules that easily and flexibly scale to support businesses of all sizes and complexities from small-medium enterprises to Fortune 500 companies.

“Our strategic partnership with iBridge will leverage our core strengths to provide customers with faster, more effective tools to populate their ASC Contracts databases, automate their processes and derive more meaningful data insights,” said Shawn King, President and CEO, ASC. “Working in tandem we will deliver a powerful and integrated suite of CLM and information management solutions and supporting services designed to ensure the full utility of contracting information and processes as strategic corporate assets and drive immediate value for money.”

“iBridge’s partnership with ASC is a great fit for us from all angles — from shared values, to technology solutions and market opportunities,” said Dean Van Dyke, Vice President, Business Process Optimization, iBridge. “This relationship enables us to better support customers with an extensive portfolio of professional services complemented by solutions rooted in a proven best-practice framework and will also address the growing need for seamless business process lifecycle solutions that assure optimal data utility and resultant business intelligence.”

The two companies will engage in joint marketing efforts to develop business opportunities throughout the US and India.

Founded within a framework of cross-industry best practices dating back to 1992, ASC solutions are delivered via a proven web-based platform easily tailored to environments and processes and is well suited for any industry and organizations of all sizes and complexities.

All ASC solutions provide a central database to track key milestones within a company’s business workflows and administration processes, the ability to capture images (e.g., signed contracts), approvals routing workflow management, robust search and reporting, template and clause libraries, and support for a wide range of meta data, document and content types and processes such as compliance and credentialing.

This strategic partnership represents another key initiative in ASC’s commitment to expanding its worldwide partner network and continuing to offer comprehensive “end-to-end” solutions and services to exceed the diverse needs of our customer base in markets around the world.

View the PDF version of the press release.

About ASC

ASC (Advanced Software Concepts Inc.) is a leading provider of cloud, Software as a Service (SaaS) and on-premise solutions for contract, document, form and configure, price and quote (CPQ)lifecycle management. Leveraging the proven ASC solution platform, ASC deploys tailored, customer-specific solutions that automate and streamline business process management requirements end to end. Features include a searchable online data repository, document generation, template library, workflow management, audit-ready history and reporting, esignature, image capture and support for a wide range of document types and processes. ASC solutions help organizations reduce costs, maximize revenue and minimize regulatory non-compliance risks. With extensive experience providing best practice solutions, ASC is an industry expert that works as a true partner to define and create unique business process management solutions for our SMB and large enterprise customers. ASC also provides solutions for order tracking, invoice validation and verification, data retention, records management, product configuration and sales configuration. For more information, please visit www.ascnet.com.

About iBridge

iBridge is a team of trusted, responsive information experts who capture, normalize, mine and report data to help organizations make smarter business decisions. By cutting through the data noise, iBridge provides critical information to its customers, allowing them to better understand their opportunities. iBridge’s value is in its ability to solve business problems in collaboration with its customers; to rapidly scale up or down; and to integrate its teams with client organizations. Besides its information management services, iBridge offers eDiscovery and legal support. The company has offices in Oregon, Washington and India. For more information, please visit ibridgellc.com.

Contact Information:

Angie Stockley
Advanced Software Concepts
angie.stockley@ascnet.com
+1-613-599-2087 x240

David Kaufer
iBridge
david.kaufer@ibridgellc.com
+1-503-906-3930

Accidental Data Breaches and How to Prevent Them

Accidental Data Breaches and How to Prevent Them

There are two basic ways that data breaches occur: Deliberately (where someone, within or outside an organization, intentionally and maliciously accesses the organization’s sensitive data), or accidentally. Within the “accidental” category, data breaches occur either by failing to follow procedures or by failing to implement and use technical safeguards. An effective data security plan incorporates both procedural and technical elements to prevent accidental data breaches.

Employee Made A Blunder While Working

Source: freedigitalphotos.net

A recent report by California revealed that accidental data breaches account for 47% of all data breaches reported to the state government. Although the accidental breaches accounted for only 7% of the compromised records, it’s still a significant number. It’s safe to assume that most or all could have been prevented by having comprehensive data security procedures in place and followed, and by implementing technical safeguards, such as encryption.

Often, sensitive data is released because employees fail to recognize that the information is sensitive and needs to be protected. Paper documents with Social Security numbers or credit card data are put in the trash or recycling bin instead of being shredded, or healthcare records are “temporarily” placed on USB flash drives or laptops then misplaced. Everyone in the organization must be able to identify sensitive data, and the criteria for classifying data must be spelled out. A simple rule to follow is that all data should be sensitive until proven otherwise.

In other cases, policies regarding how to protect sensitive data are nonexistent, poorly understood or poorly enforced. Procedures that don’t exist, are excessively complicated or haphazardly enforced will not be followed. These policies should be clear and easy to follow, and everyone should be trained on them—not just once, but on an ongoing basis.

Humans forget; they take shortcuts and they lose things. Technical safeguards can help where humans fail. Most computer operating systems can be configured to not only require user account passwords, but to require that the passwords meet certain complexity criteria and that users change their passwords periodically. Similarly, computers can automatically lock themselves when unattended.

Going further, many devices, such as laptops, tablets, smartphones, and flash memory, can be configured so data files are encrypted. The California report found that 26 percent of data breaches were due to lost or stolen physical devices, yet the data could not have been accessed had passwords been required.

Even more sophisticated (and expensive) technical solutions are available, such as monitoring software that automatically identifies sensitive files and prevents them from being copied onto flash drives, emails or web pages.

No data security plan should rely solely on policies and procedures or on technical solutions. The best plans incorporate both.

Dean

Written by Dean Van Dyke, Vice President, Business Process Optimization

Dean Van Dyke is the Vice President of Business Process Optimization for iBridge. He brings more than 18 years of customer relations, business process outsurcing, lean six sigma, program/project management, records management, manufacturing, and vendor management experience to iBridge. Mr. Van Dyke was the former head of Microsoft’s corporate records and information management team, and served honorably for over fourteen years in the U.S. Navy and Army National Guard. He received his Bachelor of Science in Business Administration from the University of South Dakota and his Master’s in Business Administration from Colorado Technical University.

CTA NewsletterCTA Underground eBook

Cyber Security & Secure Digital Communications – Filtering Through the Noise

Cyber Security & Secure Digital Communications – Filtering Through the Noise

Over the past several years, we have seen an increase awareness of terms such as Cyber Security, Compliance, Privacy, and Data Breach. Terms that strike fear in the minds of management and operators alike. They are gatekeepers of sensitive and classified information. In the technology-driven world we live in, this affects almost every industry, and the Nuclear Industry is a perfect target.

In this article, we will summarize Secure Messaging and Secure Content Delivery. We will cover the concept, benefits and best practices.

The Concept:

Source: freedigitalphotos.net

Source: freedigitalphotos.net

Secure Messaging & Secure Content Delivery is the ability to encrypt electronic communications and files between multiple parties. This is not a new concept, as solutions have been around for decades and more than likely, you have already participated in either sending or receiving an encrypted message in the past. What has changed is a renewed focus by vendors to offer solutions that are more user-friendly, offer better security, and with tighter integration within existing communication systems.

Secure Messaging is a small, yet critical piece of your Cyber Security policy. A framework provided by the U.S. Nuclear Regulatory Commission (NRC) assists in identifying electronic assets that must be protected from cyber-attacks.  Other federal regulators, including the North American Electric Reliability Corporation (NERC) and the Federal Energy Regulatory Commission (FERC) also participate to ensure digital assets are fully protected. These electronic assets are critical digital assets (CDA)s and more information can be found in Title 10 of the Code of Federal Regulations, 10 CFR 73.54: “Protection of Digital Computer and Communications Systems and Networks”. It is mandatory that U.S. commercial nuclear plants provide proactive solutions to help protect communication systems.

NRC’s Regulatory Guide 5.71 stipulates products be free from known, testable vulnerabilities and malicious code through eliminating using malicious or undocumented functions that may allow either unauthorized access or use of systems.

Benefits and Best Practices:

It is easy to understand the value proposition of secure email. Besides providing multiple-layers of encryption, there are several features offered within systems that may align with operational and functional objectives. The requirement and ability to secure CDAs is relevant, yet perhaps any communication between peers, and co-workers should be encrypted, given the raised threat level and industry they work in. When communicating with external partners, business associates and customers, a renewed focus on Security, Privacy, and Compliance will only help to better train users and lower both Legal and Operational risks for the facility.

A growing concern for companies is in faxing. Fax solutions are not secure, using standard telephone lines to transmit sensitive information that can easily be intercepted using tools purchased from a local electronic store. Incoming faxes normally come to a central location, and may not be collected when delivered. This poses a risk as any persons who have access to the fax machine, will also have free access to send, receive, or read faxes.

Secure email is much safer than traditional faxing, and electronic faxing (e-Fax) solutions, as it offers useful intelligence and audit trails. Solutions exist where traceability and tracking features are embedded within messages. This not only ensures communication and documents are delivered, but can also verify that the intended recipients received them safely. Documents can be sent in their native electronic format, which saves the recipient from having to re-scan the fax document to store electronically. Finance and HR Departments are a two functional areas where native file formats are required.

Solutions also exist where large file size delivery is embedded within the system, allowing for more flexibility when sending large PDF or database files. This helps to reduce costs used in traditional courier and mailing services. Other intelligence features can include the ability to recall secure messages sent in error, or to set expiry periods to secure messages and/or attachments. Either feature provides granular control to users, minimizing financial and legal risks. Having unique abilities not traditionally offered in regular email communication systems offers organizations a distinct advantage when communicating both internally and externally. In the most subtle way, an organization can manage expectations and set accountability between users and parties. Adding additional layers of encryption will only enhance existing security policies and procedures followed today.

The next time you review your internal Cyber Security policies, understand how simple email communications are being protected. This should go beyond traditional desktop emails, and also include emails sent through both phone and tablet devices. Sometimes the most often used communication tools are taken for granted, which can lead to lack of procedure or process, which might lead to data leakage or mistakenly sending otherwise sensitive information to unintended recipients.

If you would like to review a solution or discuss this topic, please email desh.urs@ibridgellc.com.

Desh

Written by Desh Urs

Desh Urs brings more than 20 years of entrepreneurial, start-up and Global 500 corporate experience in sales, marketing and general management to the customers of iBridge. He has led sales organizations as SVP at Qsent, Inc. and VP at Acxiom Corporation, and has focused on the usage of data in data distribution, direct marketing, fraud prevention, and law enforcement.

As a Vice President of Global Sales, Services, and Marketing at Silicon Graphics, Inc., Urs managed engineering and non-engineering functions, developing solutions in sciences, telecommunications, manufacturing, media, business, and defense intelligence, for companies with revenues of several billion dollars. During his tenure as Vice President at Think Tools AG and Brio Technology, Inc., he ran business development and alliances providing solutions in Business Intelligence and Decisions Cycle Management to Global 100 corporations worldwide. In the late 1980s, Urs founded Indus Systems, Inc., which he profitably sold to a systems integration company.

Urs serves on several Advisory Boards, as well as many company Boards, in the United States and India.

Your Data and the Law: Unanswered Questions

Your Data and the Law: Unanswered Questions

In the U.S., the pace of technological advance outstrips the ability of the justice system to keep up. Courts are at a loss to fit new technologies into existing legal frameworks and theories. Judges are slow to extend traditional statutory and Constitutional protections to new industries and practices. Until the judiciary catches up, individuals should be careful with how they manage their personal electronic information.

Source: freedigitalphotos.net

Source: freedigitalphotos.net

One technological issue that the courts only recently have addressed is that of electronically stored information (ESI)—the documents, photos, emails, posts, tweets and computer files of all kinds that now pervade most of modern American life. Numerous legal questions have seen conflicting legal rulings (or no legal rulings) and therefore remain unresolved. For example:

  • Who owns your data? If you store data in the cloud, does it still belong to you, or to the cloud-storage custodian you have entrusted it to? If it is lost, or corrupted, or stolen, who is responsible, and what are the fair and equitable remedies?
  • Who owns data about you, and what are their responsibilities regarding that data? As the Edward Snowden leaks revealed, federal government agencies have met no resistance from phone companies when asking for data regarding peoples’ calling histories. Even if you do not technically own that data, should you have a right to be informed when the data they are requesting is about you?
  • What—and how much—data can reasonably be seized and searched by law enforcement with a search warrant?

Cases that address these questions (and others) are making their way through the court system and will become settled law. It will take time for law enforcement, prosecutors, defenders and judges to understand the intricacies of these questions and the underlying technologies, and how the existing laws and regulations address them. In the meantime, there are things you should think about regarding your own data:

  • Convenience vs. risk: Although it might make life easier to have documents, photos and other files stored in the cloud, ask yourself: What if the cloud storage company goes out of business, or has a catastrophic technical failure that renders your files temporarily or permanently inaccessible?
  • Protection from snooping: What is the cloud storage company’s policy regarding government requests to access your data? What are the limits to that access? Unless the courts decide otherwise, law enforcement has the right, with a warrant, to access all of your data, including items that are unrelated to the investigation. Even if you have nothing to hide, could the files you store be manipulated, put together and interpreted in a way that makes you (or someone else) look like a criminal?
  • What about your devices? The U.S. Supreme Court ruled unanimously that law enforcement cannot seize or search your cell phone without a warrant. If they obtain a warrant, however, there is nothing to stop them from examining details that have nothing to do with the investigation. It is also unclear how the ruling applies to other types of devices, such as your increasingly computerized and connected automobile.

None of this should discourage anyone from taking advantage of the technological advances making lives easier, more efficient, more informed and more connected. But until the law catches up with the technology, it would be wise to put thought into where you put your data.

Desh

Written by Desh Urs

Desh Urs brings more than 20 years of entrepreneurial, start-up and Global 500 corporate experience in sales, marketing and general management to the customers of iBridge. He has led sales organizations as SVP at Qsent, Inc. and VP at Acxiom Corporation, and has focused on the usage of data in data distribution, direct marketing, fraud prevention, and law enforcement.

As a Vice President of Global Sales, Services, and Marketing at Silicon Graphics, Inc., Urs managed engineering and non-engineering functions, developing solutions in sciences, telecommunications, manufacturing, media, business, and defense intelligence, for companies with revenues of several billion dollars. During his tenure as Vice President at Think Tools AG and Brio Technology, Inc., he ran business development and alliances providing solutions in Business Intelligence and Decisions Cycle Management to Global 100 corporations worldwide. In the late 1980s, Urs founded Indus Systems, Inc., which he profitably sold to a systems integration company.

Urs serves on several Advisory Boards, as well as many company Boards, in the United States and India.

Electronic Health Records: Boon or Boondoggle?

Electronic Health Records: Boon or Boondoggle?

In 2009, the U.S. Congress passed the Healthcare Information Technology for Economic and Clinical Health (HITECH) Act, which requires doctors’ offices and hospitals to implement electronic health record (EHR) systems. Facilities face penalties if they do not implement EHR systems meeting certain standards by 2015. The idea of EHR systems is to improve the quality of care by enabling patient health record interchange among doctors, nurses, and other healthcare professionals, to coordinate care, reduce duplicate tests and conflicting medications and reduce errors. Hospital IT departments have been working hard to implement EHR systems, and, as is often the case with large-scale IT projects, the results so far are mixed. Although nurses and doctors using some EHR systems are satisfied, in many other cases they feel that the systems are ineffective and difficult to use.

What sets the successful EHR implementations apart from the rest? The answer is no different for EHR systems than it is for other IT projects, large and small: Get the requirements right, and involve the end users.

Source: freedigitalphotos.net

Source: freedigitalphotos.net

Get the Requirements Right

A successful EHR project starts with a complete, correct set of user-level requirements. Although the HITECH Act provides a high-level framework to work within, many of the details of how users are to interact with the system are left to the system designers and developers. Getting these details right means considering all of the end users of the system (such as doctors, nurses, and facility administrators), the processes that must be supported, and the working environments in which the users will use the system. For example, a general practitioner working at a desk will use the system in a very different manner from a nurse working in a hospital emergency room. This is a formidable task, especially in large facilities with many departments (and possibly multiple locations), each of which has its own special needs.

Get the End Users Involved

So how do the designers identify, document, and validate all of these detailed user requirements? The end users must be involved in every phase of the implementation. They have to be observed in their working environments, they have to be interviewed, they have to review and confirm the documented requirements and they have to help test the system.

Apart from ensuring a complete set of requirements and getting the bugs out of the system before it is rolled out, keeping the end users involved gives them a sense of ownership and empowerment. The alternative—deciding for them and cramming it down their throats—is a recipe for low morale, high turnover, and difficulty in attracting talented personnel, plus poor-quality care for the patients.

Without good requirements and end user involvement (plus good project management), you can implement an EHR system that meets the letter of the HITECH law, but is a complete disaster for practitioners and patients alike.

Dean
Written by Dean Van Dyke, Vice President, Business Process Optimization

Dean Van Dyke is the Vice President of Business Process Optimization for iBridge. He brings more than 18 years of customer relations, business process outsurcing, lean six sigma, program/project management, records management, manufacturing, and vendor management experience to iBridge. Mr. Van Dyke was the former head of Microsoft’s corporate records and information management team, and served honorably for over fourteen years in the U.S. Navy and Army National Guard. He received his Bachelor of Science in Business Administration from the University of South Dakota and his Master’s in Business Administration from Colorado Technical University.