Sunday, August 16, 2009

This is unlikely to be addressed. (We gotta DO something. It's for the children!) Unfortunately, I doubt this is the only area being trampled in the rush.

http://www.pogowasright.org/?p=2815

The FISMA challenge

August 15, 2009 by Dissent Filed under Featured Headlines, Legislation, U.S.

Carolyn Duffy Marsan has an informative piece on Government Health IT about the different requirements of different pieces of federal legislation and how they impact sharing federally held health data with the private sector. She writes, in part:

FISMA has 171 information security controls that are mandated for federal agencies. In contrast, the U.S. healthcare industry must meet the Health Insurance Portability and Accountability Act (HIPAA), which has only 101 of the FISMA controls.

“There is a gap of approximately 70 controls between FISMA and HIPAA,” Sankaran said. The challenge in healthcare information exchange is that data will be flowing from a more-secure FISMA-compliant federal system to a less-secure HIPAA-compliant private sector system.

“How do you make sure the information remains secure as it flows through two different domains of security controls?” Sankaran asked.

Among the questions that need an answer from OMB is whether data that moves from a federal computer system to a private sector system is still considered federal data, and whether the recipient of that data needs to comply with FISMA. [Silly me, I thought it was MY data. Bob] “This requires clear guidance from OMB to the agencies’ Designated Approving Authorities (DAAs) about moving data between federal and private sector systems,” Sankaran said.

Read more on Government Health IT.



Perhaps we could take their advice?

http://www.pogowasright.org/?p=2818

NSWLRC recommends privacy cause of action

August 15, 2009 by Dissent Filed under Legislation, Non-U.S.

The NSW Law Reform Commission in a report released [Thursday] (but dated April) recommends the state adopt a civil action for breach of privacy, but only as part of national law reform, so privacy law would be uniform throughout Australia. The report clarifies when an individual should be able to claim compensation and places limitations on the action. The Chairperson of the Commission, the Hon James Wood AO QC, said “the action is only applicable where an individual has a reasonable expectation of privacy that is not overridden by public interests such as freedom of speech. We advocate a common sense approach, whereby privacy interests are weighted against other important concerns such as the public’s ‘right to know’ and the protection of national security”. Despite this, watch out for media types jumping from tall buildings.

Read more in Open and Shut.



Opening a can of worms wrapped in a fur ball while jumping into a rat's nest? Apparently they believe that changing the password locks everyone else out. WRONG. The comments suggest the Sheriff is somewhat controversial. Might be nothing, might be amusing.

http://yro.slashdot.org/story/09/08/15/212254/Arizona-Judge-Tells-Sheriff-Reveal-Password-Or-Face-Contempt?from=rss

Arizona Judge Tells Sheriff "Reveal Password Or Face Contempt"

Posted by timothy on Saturday August 15, @05:33PM from the life-in-these-united-states dept.

An anonymous reader writes

"Four days ago, deputies from the Maricopa County Sheriff's Office in Arizona conducted a raid against the county government building hosting computers for a law enforcement database. After threatening to arrest county employees who would stop them, the officers proceeded to secure the room and promptly changed passwords on many of the servers. [I doubt this serves any legal purpose. Bob] In a hearing on Friday, a Superior Court judge threatened to hold members of the Sheriff's Office in contempt if they did not reveal the passwords by next Wednesday. Following this, the Sheriff's Office claimed to be conducting an investigation against other Superior Court judges. Courts have asked for passwords before, but never under conditions like this."



There are a number of Web2.0 guides for various professions. Nothing terribly new other than who is asking. (This is better done as a series of “Here's how it works” seminars, allowing individuals to innovate freely.)

http://www.bespacific.com/mt/archives/022061.html

August 15, 2009

DoD Web 2.0 Guidance Forum

DoD Web 2.0 Guidance Forum - Value of Web 2.0 Capabilities: "In examining how the Department of Defense should take maximal advantage of Web 2.0 capabilities (including social networking services, social media, wikis, blogs, RSS feeds, etc.), we are looking at how Web 2.0 capabilities can be used to improve current and future Department operations. Operations in this sense include both broad business and warfighting processes. Specifically, we are looking for insight from various Defense interest groups and think tanks, including Veterans groups, industry groups and individuals who have insights they can share regarding how Web 2.0 capabilities can be used to transform how the Defense Department operates."
