The Intelligence and National Security Alliance President Ellen McCarthy used the revelation of the hack, uncovered late Wednesday, to highlight a major point of the study: How government can help industry protect its IT.
While it's good to see more privacy and security details included in the final version of the Federal Health IT Strategic Plan, much work remains to ensure patient information is protected when it's exchanged.
International communication and public-private partnerships are the keys to cybersecurity in the financial space, according to the Department of Homeland Security and the Financial Services - Information Sharing and Analysis Center.
From 2004 to 2010, Latesha Brown used her privileges to accept and submit forged birth certificates, pay stubs and other documents to obtain loans at several institutions. How did she go undetected for so long?
"You can't have someone arrested for violating your policies," says former Bear Stearns CISO Jennifer Bayuk. "The question is: What did he do, and was there a policy that would have prevented the activity?"
Faced with criticism for a lack of details and vision in its original draft of the Federal Health IT Strategic Plan 2011-2015, federal authorities have beefed up some privacy and security details in the final version.
In an attempt to make it easier to compare the privacy practices of personal health records vendors, the Office of the National Coordinator for Health Information Technology has created a model privacy notice.
"Once you identify that person based on the unique characteristics of their face, you could then match it with other databases," privacy advocate Beth Givens says, referring to privacy gaps created by facial recognition technology.