I am not a super duper UNIX admin, but I do have expertise in the entire spectrum of network administration tasks in the UNIX, LINIX and Solaris environments. When I read that IBM will introduce the next generation of Power Systems, I got excited. This is to be the first family of systems and storage that offer virtualization capabilities all the way through to the operating system and middleware. This is supposed to be groundbreaking to support complex workloads with technology that's flexible as business needs evolve.
If anyone knows more about this, please contact me at kenjcohen@gmail.com. I always like to keep abreast of new technology.
Friday, February 26, 2010
Wednesday, February 24, 2010
Oops! Someone Forgot About Security!
It's mind boggling that after years of hearing and reading about identity theft, it's all too easy to let it happen. I have several friends and many, many acquaintances who are in transition -- that is, unemployed and looking for work. Most of them are in IT. Gone are the days when you sent a cover letter and resume by snail mail. Today you go online. Sites such as www.dice.com send you daily job leads. Some of those direct you to recruiters; others direct you to the web sites of large organizations such as Citibank. Recruiters are efficient because they just want the resume so they can forward it to hiring managers. Corporations and other large organizations such as hospitals have long, complicated online forms which require you to reinvent the wheel each time.
That's bad enough, but I was surprised to learn that some of these web sites require the job applicant to put his entire Social Security number and date of birth. Unless someone works in network security in that organization, there is no way to gauge its vulnerability to intrusion.
As I mentioned in an earlier post, The Great Pretenders, all you need to steal someone's identity is the name, Social Security number, date of birth and current address. All of the above are on those online job applications, which go to Human Resources. If the organization is also a health care provider and the security is outdated and/or weak, there is more opportunity for identity theft from hacking into medical records. Oops! Someone forgot about security or the powers that be did not want to spend the money on upgrades.
Part of the problem is that these online applications were written and authorized by individuals who were trying to make things easy for themselves. It's understandable, but they really need to talk the network security people in IT. There are ways to prevent identity theft, but once it happens, it's a nightmare for the victim. A quick fix by the company is all that's needed: remove the part that requires the Social Security number. It's that simple.
That's bad enough, but I was surprised to learn that some of these web sites require the job applicant to put his entire Social Security number and date of birth. Unless someone works in network security in that organization, there is no way to gauge its vulnerability to intrusion.
As I mentioned in an earlier post, The Great Pretenders, all you need to steal someone's identity is the name, Social Security number, date of birth and current address. All of the above are on those online job applications, which go to Human Resources. If the organization is also a health care provider and the security is outdated and/or weak, there is more opportunity for identity theft from hacking into medical records. Oops! Someone forgot about security or the powers that be did not want to spend the money on upgrades.
Part of the problem is that these online applications were written and authorized by individuals who were trying to make things easy for themselves. It's understandable, but they really need to talk the network security people in IT. There are ways to prevent identity theft, but once it happens, it's a nightmare for the victim. A quick fix by the company is all that's needed: remove the part that requires the Social Security number. It's that simple.
Friday, February 19, 2010
Where Are We With EMR's?
One of the goals of the Obama adminstration is to put all medical records in a digital format. It's a noble goal, but one that has a long way to go.
For starters, many doctors are reluctant to spend upwards of $10,000 to go from paper to digital. They have huge overheads (malpractice insurance premiums, facility rental costs, equipment costs, disposal costs and labor -- nurses, receptionists, secretaries and billing clerks). The last thing they want to do is add to that, especially since they are unclear about the advantages. And the dirty little secret is that many doctors are not that computer-literate.
The other problem is that there is no standard yet for medical records. The point of electronic medical records (EMR's) is to become more efficient. A specialist should be able to e-mail a patient's records to the GP. A doctor should have access to the patient's records, even if the patient had been admitted to an out-of-state hospital, say, with a heart attack. If the patient were at a VA hospital, that's doable, from Maine to Hawaii. If the patient was taken to a regular hospital, good luck.
My son's pediatrician not only relies on EMRs, but encourages patients to take advantage of access. There's an annual tech fee of $25.00, but it's worth every penny. If we visit relatives in Florida and we need to double check on the dosage of Children's Tylenol that he recommends, we can access it from any computer or smart phone with a good browser.
If we are to make visible progress with EMR's, we need a consortium of government, insurance and tech firms to come up with standards for software that is both user-friendly and flexible. Standards change. Twenty-some odd years ago, Lotus ruled the world of spreadsheets. It interfaced with Quicken and other software. Excel was able to capture the market not just because it is easier to use, but because people could easily convert. That's the direction we need to take with EMR's.
For starters, many doctors are reluctant to spend upwards of $10,000 to go from paper to digital. They have huge overheads (malpractice insurance premiums, facility rental costs, equipment costs, disposal costs and labor -- nurses, receptionists, secretaries and billing clerks). The last thing they want to do is add to that, especially since they are unclear about the advantages. And the dirty little secret is that many doctors are not that computer-literate.
The other problem is that there is no standard yet for medical records. The point of electronic medical records (EMR's) is to become more efficient. A specialist should be able to e-mail a patient's records to the GP. A doctor should have access to the patient's records, even if the patient had been admitted to an out-of-state hospital, say, with a heart attack. If the patient were at a VA hospital, that's doable, from Maine to Hawaii. If the patient was taken to a regular hospital, good luck.
My son's pediatrician not only relies on EMRs, but encourages patients to take advantage of access. There's an annual tech fee of $25.00, but it's worth every penny. If we visit relatives in Florida and we need to double check on the dosage of Children's Tylenol that he recommends, we can access it from any computer or smart phone with a good browser.
If we are to make visible progress with EMR's, we need a consortium of government, insurance and tech firms to come up with standards for software that is both user-friendly and flexible. Standards change. Twenty-some odd years ago, Lotus ruled the world of spreadsheets. It interfaced with Quicken and other software. Excel was able to capture the market not just because it is easier to use, but because people could easily convert. That's the direction we need to take with EMR's.
Subscribe to:
Posts (Atom)