Category: Blog Post Category

I am preparing for my talk at Quantified Self about my work on Programmable Self. I was asked to make a “reading list” for the people who were interested in this subject so I wanted to create that here. Please add links in my comments section for titles that I have omitted!! Requirements for inclusion […]

This is an open letter to the tiger team from HIT Policy Committee as well as the committee generally. Recently a group from HITPC gave recommendations to the NHIN Direct project regarding which protocol it should choose. I realized as I heard the comments there, that this group was reading the NHIN Direct Security and […]

I am a vocal participant on the NHIN Direct Security and Trust working group. Its a perfect place for me. I love Open Source healthcare, but my background was in InfoSec… and we never really forget our first love.. do we? At the NHIN Direct Security and Trust workgroup, I get to exercise all of […]

I have long been an advocate of reasonable and measured reaction to “privacy scare tactics”. I have argued, for instance, that it was a good thing that HIPAA does not cover PHR systems. But that does not mean that I do not think privacy is important. In fact there has been something nagging at the […]

Reuters is covering the news that Wikipedia is missing critical information about medicines that it covers. Specifically the following results were found: (researchers) found few factual errors in their evaluation of Wikipedia entries on 80 drugs. But these entries were often missing important information, andThe researchers compared Wikipedia to Medscape Drug Reference (MDR), a peer-reviewed, […]

Google.org, which is the philanthropic arm of Google, has released Google Flu Trends to great fanfare and criticism. Google Flu tracks searches for flu symptoms on Googles search service. So if I type “achy headache” into Google, it might count the search as evidence that I, or someone I was caring for, had the flu. […]

Express Scripts, one of the nations largest pharmacy benefit management companies, is being blackmailed with the release of private health information. The blackmailer proved that he/she has access to the data by providing information on 75 Express Scripts customers.The company has done a fine job of swallowing this bitter pill. They have done exactly the […]

There are more and more examples of how standard hacking techniques apply in healthcare, with serious consequences. Recent issues include RFID hacking and interference issues. Recently, a talk at BlackHat regarding hacking medical devices, including pacemakers, has begun appearing in popular blogs.What is most dangerous about this is not actually the hack itself, but the […]

Its time to set the record straight on what are valid criticisms of HealthVault and Google Health and what are not. If you have ever read my posts, then you can be sure that when an organization needs criticizing I am the first to give it them with both barrels. But here both Google and […]

I have passed my CISSP certification, marking me as an Information Security Expert. I had to pass a complex test and demonstrate that I had three years of full-time security experience to become CISSP certified. I have a four year degree in Computer Science, and I have been trained in Information Warfare by the United […]