Fred Trotter

I have long been an advocate of reasonable and measured reaction to “privacy scare tactics”. I have argued, for instance, that it was a good thing that HIPAA does not cover PHR systems. But that does not mean that I do not think privacy is important. In fact there has been something nagging at the…

Reuters is covering the news that Wikipedia is missing critical information about medicines that it covers. Specifically the following results were found: (researchers) found few factual errors in their evaluation of Wikipedia entries on 80 drugs. But these entries were often missing important information, and The researchers compared Wikipedia to Medscape Drug Reference (MDR), a peer-reviewed,…

Google.org, which is the philanthropic arm of Google, has released Google Flu Trends to great fanfare and criticism. Google Flu tracks searches for flu symptoms on Googles search service. So if I type “achy headache” into Google, it might count the search as evidence that I, or someone I was caring for, had the flu. Enough…

Express Scripts, one of the nations largest pharmacy benefit management companies, is being blackmailed with the release of private health information. The blackmailer proved that he/she has access to the data by providing information on 75 Express Scripts customers. The company has done a fine job of swallowing this bitter pill. They have done exactly…

There are more and more examples of how standard hacking techniques apply in healthcare, with serious consequences. Recent issues include RFID hacking and interference issues. Recently, a talk at BlackHat regarding hacking medical devices, including pacemakers, has begun appearing in popular blogs. What is most dangerous about this is not actually the hack itself, but…

Its time to set the record straight on what are valid criticisms of HealthVault and Google Health and what are not. If you have ever read my posts, then you can be sure that when an organization needs criticizing I am the first to give it them with both barrels. But here both Google and…

I have passed my CISSP certification, marking me as an Information Security Expert. I had to pass a complex test and demonstrate that I had three years of full-time security experience to become CISSP certified. I have a four year degree in Computer Science, and I have been trained in Information Warfare by the United…

You probably do not need health care privacy. Or at least, no more than you already have. There are stringent laws in place to ensure that your doctor does not blab your private information. Moreover, health software architects like me obsess about the security details of the just-forming Health Internet (what the Nation-Wide Health Information…