National Committee on Vital and Health Statistics, 2005-2006. February 2008 37 pp. (PHS) 2008-1205
Still Seeking a Truly Digital Life - Analysis: "The French call it 'dematerialization' but the search for a paperless existence continues to elude even technophiles." Peter Sayer, IDG News Service.
Follow up to previous postings on litigation and hearings on missing White House email and violations of the Presidential Records Act, news today from AP: "Older White House computer hard drives have been destroyed, the White House disclosed to a federal court Friday in a controversy over millions of possibly missing e-mails from 2003 to 2005. The White House revealed new information about how it handles its computers in an effort to persuade a federal magistrate it would be fruitless to undertake an e-mail recovery plan that the court proposed."
The World Privacy Forum - A Legal and Policy Analysis - Personal Health Records: Why Many PHRs Threaten Privacy, Prepared by Robert Gellman for the World Privacy Forum, February 20, 2008
New York Times: Pushing Paper Out the Door, by Hannah Fairfield
"The Committee for Economic Development (CED)...released a new report – Harnessing Openness to Transform American Health Care (94 pages, PDF) – that focuses on how to improve health care by giving people more access to information and making the information more responsive to their contributions. The report touches on the entire production system for health care from biomedical research to clinical trials to electronic health care records and patient/doc interactions. It also addresses open access publishing of research results and access to clinical trial data, openness in public health, the impact of greater openness on approval of medical devices, and open models of innovation. The report was prepared by CED's Digital Connections Council (DCC). The DCC is a group of information technology experts from CED-affiliated companies established to advise CED on the policy issues associated with the digital economy and emerging technologies. This report follows the late 2007 release of CED’s report, Quality, Affordable Health Care For All: Beyond The Employer-based Health-insurance System, which includes findings and recommendations on health care reform from CED."
World Privacy Forum: "Consumers and organizations have an opportunity to submit public comments about the accuracy and integrity of credit reports. Until February 11, the Federal Reserve Board, the Federal Trade Commission and other banking agencies will be accepting comments on their draft rulemaking regarding how creditors and other furnishers provide information to consumer reporting agencies, and which types of direct disputes they must handle. This proposed rulemaking is a key one; it defines what accuracy and integrity of information provided to consumer reporting agencies means, how disputes may be handled directly with the furnishers, and which types of direct disputes furnishers may ignore. The NCLC, Consumer's Union, and the World Privacy Forum have written a sample letter that may be downloaded and used or modified for the comments. To file your letter, submit your comments to the Board of Governors of the Federal Reserve System by mailing the comments to regs.comments@federalreserve.gov with the subject line "Docket No. R–1300."
Press release: "Congresswoman Betty McCollum (MN-04), has sent a letter to the Government Accountability Office asking that it reopen its investigation of the privacy and national security risks posed by government agencies reselling used magnetic data tapes that may once have contained large amounts of sensitive personal and government information. Researchers working for Imation, an Oakdale, MN-based corporation that produces magnetic data tapes, were able to recover a wide range of sensitive information from used data tapes that were supposedly wiped clean before being re-sold. Using readily available equipment and information, Imation investigators found out where the tapes originated and recovered bank account numbers, expense reports, employee tax and benefit information, and other sensitive data."
Coalition for Patient Privacy: "Our mission is to ensure that Americans control all access to their health records."
Follow up to previous postings on missing White House emails, from the House Oversight Committee: "On February 15, the Committee will hold a hearing to investigate White House compliance with the Presidential Records Act. Statements made at the January 17 White House press briefing contradict information provided to the Committee, which revealed that a 2005 White House analysis found no archived mail for hundreds of days between 2003 and 2005. The following officials have been invited to testify: Fred Fielding, Counsel to the President; Alan Swendiman, Director, Office of Administration; Allen Weinstein, Archivist of the United States."
New Questions Raised About White House Records Preservation: "In letters to the White House and the National Archives, House Oversight Chairman Waxman asks whether the White House has preserved its records according to the obligations of the Presidential Records Act, and what the White House has done to prepare for the transition of presidential records to the Archives in January 2009."
Documents and Links
Press release: "Becta [British Educational Communications and Technology Agency], the education technology agency, has published a key report on Microsoft Vista and Office 2007 and on document interoperability which analyses the suitability of both software packages for adoption by schools and colleges."
Press release: "Proofpoint, Inc., the leading provider of unified email security and data loss prevention solutions, today reported spam trends for data collected during the month of November 2007, finding that, on average, spam continues to represent nearly 90% of the total email volume received by large enterprises. Attachment-based spam made a comeback with the prevalence of image-based spam, PDF spam and Microsoft Word document spam all increasing over October levels."
Government Technology: "A new white paper designed to help public officials develop policies for removing Social Security numbers and other sensitive information from public documents is now available online. The National Association of Secretaries of State (NASS), in collaboration with the National Electronic Commerce Coordinating Council (eC3), today released a joint white paper on redaction entitled Privacy, Public Access & Policymaking in State Redaction Practices. Developed with input from leading experts in government, academia and the private sector, the paper is the first national report specifically written for state and local leaders coping with data security issues in public records."
National Association of State Chief Information Officers - The Search Is On: State CIO Starting Points for E-Discovery
November 2007: "In its September 2007 Issue Brief entitled Seek and Ye Shall Find? State CIOs Must Prepare Now for E-Discovery!, NASCIO raised the importance of State CIO involvement in e-discovery and the need for collaborative state electronic records management activities to properly address e-discovery requests. In this follow-up Research Brief, NASCIO provides starting points for State CIOs to improve the state’s ability to successfully address legal requests for electronic information.
Topics include:
Follow up to previous postings on litigation and hearings on missing White House email and violations of the Presidential Records Act: "The National Security Archive filed a motion on Friday, October 26, seeking expedited discovery against the Executive Office of the President to find out what e-mails are missing from the White House e-mail system or backup tapes. Archive General Counsel Meredith Fuchs explained, “The pressing need for the information arises out of troubling representations by the EOP and its components about its document preservation obligations and the location of its backup tapes. We need information so we can take steps to preserve all possible sources of e-mails deleted from the White House servers.” Also on Friday, a similar motion was filed in a virtually identical lawsuit brought by Citizens for Responsibility and Ethics in Washington (CREW) on September 25, 2007.
The Archive filed this case on September 5, 2007, against the Executive Office of the President (EOP) and its components seeking to recover at least 5 million federal e-mail records improperly deleted by the EOP. After the government failed to provide adequate assurances that backups and copies of the missing e-mail would be preserved throughout this litigation, on October 11, 2007, CREW filed a motion for a temporary restraining order against the White House defendants in its case. A hearing in CREW’s case was held before Magistrate Judge Facciola on October 17, 2007. Magistrate Judge Facciola issued a Report and Recommendation on October 19, 2007, advising the Court to grant a temporary restraining order. The government has filed objections to Magistrate Judge Facciola’s Report and Recommendation, and CREW has responded to the government’s objections."
NASCIO - Seek and Ye Shall Find? State CIOs Must Prepare Now for E-Discovery, September 2007: "In increasingly consolidated state technology environments, State CIOs may have heightened responsibility for the storage, preservation and retrieval of electronic information in response to e-discovery requests. Since government information is a knowledge asset, State CIOs must ensure the proper management of state information assets in addition to the technological infrastructure for locating and retrieving that information. This issue brief explains the impact for State CIOs of e-discovery requests and encourages State CIOs to pursue a holistic approach to enterprise records management as part of a team of state government stakeholders, including state legal counsel, archivists, records managers, and agency business leaders."
Materials from PLL Programs at AALL 2007 - The Challenge of Electronic Discovery: How Reference Service, Records Management and Litigation Support Interact, Speakers: John Montaña, Esq., PelliGroup, Inc. and Rachelle L. DeGregory, Esq., LexisNexis [PowerPoint document]
"The World Privacy Forum has filed public comments with the Department of Health and Human Services requesting that its new National Disaster Medical System protect all patient information to at least the baseline protections that HIPAA affords, including the HIPAA security and privacy protections. Currently, the new system does not do this, even though the system is housed at HHS, the agency which promulgated the HIPAA standards. The National Disaster Medical System currently contains overbroad routine uses which could potentially result in significant privacy and even public health issues. For example, public health information will not be able to be disclosed under the National Disaster Medical System as the system is currently organized. Additionally, some of the current routine uses in the system would authorize disclosures that would be illegal under HIPAA. For example, Congressional disclosure of a HIPAA record requires a written authorization, something the new system does not require. Read the comments (PDF)."
Press release: "Personal information of certain uniformed service members, family members and others was placed at risk for potential compromise while being processed by SAIC under several health care data contracts for military service customers, the company said today. SAIC remedied the security lapses upon learning of them and began working with the customers to mitigate any potential impact. Forensic analysis has not yielded any evidence that any personal information was actually compromised; however, the possibility cannot be ruled out. SAIC is notifying approximately 580,000 households, some with more than one affected person."
Toward a Safer and More Secure Cyberspace, Seymour E. Goodman and Herbert S. Lin, Editors, Committee on Improving Cybersecurity Research in the United States, National Research Council, 272 pages, pre-publication copy, 2007.
WSJ free feature: When Public Records Are Too Public - Open Records Are an Established Tradition, But Does Internet Access Call for a Change?: "Property deeds, marriage and divorce records, court files, motor-vehicle information and tax documents are increasingly being digitized, and contain a wealth of information that few of us would want online: Social Security numbers, birth dates, maiden names and images of our signatures. Local governments have rushed to put those documents online for a decade or so, often without scrubbing them of such information. And that's made them potentially fertile ground for busybodies, stalkers and identity thieves."
Administration Oversight, White House Use of Private E-mail Accounts: "The Oversight Committee has been investigating whether White House officials violated the Presidential Records Act by using e-mail accounts maintained by the Republican National Committee and the Bush Cheney ‘04 campaign for official White House communications. This interim staff report provides a summary of the evidence the Committee has received to date, along with recommendations for next steps in the investigation."
The information the Committee has received in the investigation reveals:
Press release: OMB Issues New Guidelines for Protecting the Confidentiality of Statistical Information (June 15, 2007)
Implementation Guidance for Title V of the E-Government Act, Confidential Information Protection and Statistical Efficiency Act of 2002 (CIPSEA). AGENCY: Office of Management and Budget, Executive Office of the President. ACTION: Notice of decision. Federal Register: June 15, 2007 (Volume 72, Number 115) [Page 33361-33377]
Daniel Pulliam at Govexec.com reported, "Eighteen agencies have been asked by the Office of Special Counsel to preserve electronic information dating back to January 2001 as part of its governmentwide investigation into alleged violations of the law that limits political activity in federal agencies. The OSC task force investigating the claims has asked agencies, including the General Services Administration, to preserve all e-mail records, calendar information, phone logs and hard drives going back to the beginning of the Bush administration."
Information Technology: VA and DOD Are Making Progress in Sharing Medical Information, but Are Far from Comprehensive Electronic Medical Records GAO-07-852T, May 8, 2007.
Follow-up to postings on the escalating interest in the U.S. Attorney firings, this press release: "Citizens for Responsibility and Ethics in Washington (CREW) released a report [April 12, 2007], WITHOUT A TRACE: The Missing White House Emails and the Violations of the Presidential Records Act, detailing the legal issues behind the story of the White House e-mail scandal. WITHOUT A TRACE covers the following areas:
Following up on this April 10, 2007 posting, House Judiciary Committee Subpoenas AG Gonzales, and related links on the U.S. Attorney firings, today this press release from Rep. Waxman's House Oversight and Government Reform Committee: "Following briefings from the White House and Republican National Committee that revealed an extensive volume of e-mails regarding official government business may have been destroyed by the RNC, Chairman Waxman directs government agencies to preserve e-mails received from or sent to non-governmental e-mail accounts used by White House staffers. The Committee also requests that government agencies provide an inventory of all e-mails involving these accounts. The briefing received by the Committee raises serious concerns about the White House compliance with the Presidential Records Act, which requires that the President "take all such steps as may be necessary to assure that the activities, deliberations, decisions, and policies that reflect the performance of his constitutional, statutory, or other official or ceremonial duties are adequately documented and that such records are maintained as Presidential records."
Related documents: This press release includes links to letters from the Chairman to 16 agency heads, which duplicate the text of a letter to Attorney General Gonzales. Each letter is three pages, PDF.
Tech//404® Data Loss Cost Calculator: "Data loss resulting from network security breaches and identity theft has become a regular occurrence. While the number of affected records can vary widely in any given data loss scenario, a recent study by the Ponemon Institute found that the average number was roughly 99,000. For recent examples and media reports, visit the data loss archive. Darwin created the Tech//404® data loss cost calculator as a tool to demonstrate the scope of negative financial impact an organization may face as a result of a data breach or identity theft data loss scenario. The calculator will automatically generate an average cost, and a plus/minus 20% range, for expenses associated with internal investigation, notification/crisis management and regulatory/compliance if the incident were to give rise to a class action claim."
The Third Branch, March 2007: "Some day in the not-too-distant future, locating and reading a brief filed in a federal appellate case will become as easy as finding an appeals court opinion. And electronic appellate briefs will feature hyperlinks to lower court rulings, statutes, regulations, and other cited materials. “Judges generally are excited about having attorneys file briefs that contain hyperlinks to citations,” said Gary Bowden, chief of the Administrative Office’s Appellate Court and Circuit Administration Division. “And through PACER (the Public Access to Court Electronic Records system) these briefs will be available to everyone.” Until late last year, 10 of the 12 regional appellate courts were using an antiquated system of receiving, storing and tracking their cases, a system that at age 20 was long overdue for retirement." The St. Louis-based U.S. Court of Appeals for the 8th Circuit took a giant step in December when it became the first of those 10 courts to go live with Case Management/Electronic Case Files (CM/ECF). The rest are to follow by the end of 2007."
"Citing evidence that senior White House officials are using RNC and other political email accounts to avoid leaving a record of official communications, Chairman Waxman directs the Republican National Committee and the Bush-Cheney ’04 Campaign to preserve the emails of White House officials and to meet with Committee staff to explain how the accounts are managed and what steps are being taken to protect the emails from destruction and tampering."
Documents and Links:
Press release: "The majority of consumers place some importance on whether a physician has electronic health records when choosing a physician and would be willing to pay for the service, according to research results released today by Accenture. The goal of the research, a survey of 600 U.S. consumers and interviews with more than 100 physicians, was to gauge consumer and physician attitudes toward electronic health records (EHR). An EHR comprises an individual’s medical information including conditions, medication information, test results and treatment plans that exist in electronic form. Among the key findings: Two-thirds (67 percent) of consumers said that electronic health records are at least slightly important in their selection of a physician, and half (51 percent) said they would be willing to pay for the service, if the price were reasonable. At the same time, just one in ten physicians interviewed (11 percent) currently uses electronic records."
"The World Privacy Forum filed public comments with the Department of Health and Human Services in response to an HHS request for information regarding the use of patients' genetic data for research, health care, and for use in electronic health records. The World Privacy Forum is requesting that HHS use all Fair Information Principles in any personalized health care projects, and is requesting that a formal ELSI (ethical, legal, and social implications) committee be set up to oversee any projects, among other requests."
Health Information Technology: Early Efforts Initiated but Comprehensive Privacy Approach Needed for National Strategy, Full text GAO-07-400T, and Highlights, February 1, 2007: "GAO identified key challenges associated with protecting electronic personal health information in four areas."
Table of Contents for LLRX.com - January 15, 2007 issue:
"The world of Legal Technology has...had its share of ups and downs in 2006, with companies spying on their boards, the treasury department spying on money transfers, and the government spying on, well, everyone! With all the spying going on, data security was certainly on everyone's mind in 2006, and several key stories arose out of the inability of companies and government agencies to protect their customer and employee data. The new Federal Rules of Civil Procedure also added to the mix with new requirements for companies and other potential litigants to keep in mind as they generate gigabytes and gigabytes of information every day." [Link]
Press release: "Building clinical research into the Nationwide Health Information Network (NHIN) will enable faster discovery and verification of treatments and cures, according to a report released today by FasterCures. The report, Ensuring the Inclusion of Clinical Research in the Nationwide Health Information Network, details steps to help speed the implementation of Electronic Health Record (EHR) systems and suggests four strategies to include a research component in the NHIN, the federal government's planned "Internet for Healthcare."
Press release: "U.S. Deputy Attorney General Paul J. McNulty announced today during a speech at a meeting of the Lawyers for Civil Justice in New York that the Department of Justice is revising its corporate charging guidelines for federal prosecutors throughout the country. The new guidance revises the Thompson Memorandum, which was issued in January 2003 by then-Deputy Attorney General Larry D. Thompson and titled the “Principles of Federal Prosecution of Business Organizations.” The memo provides useful guidance to prosecutors in the field through nine factors to use when deciding whether to charge a corporation with criminal offenses. The guidance continues to require consideration of the factors from the Thompson memo but adds new restrictions for prosecutors seeking privileged information from companies. Specifically, it creates new approval requirements that federal prosecutors must comply with before they can request waivers of attorney-client privilege and work product protections from corporations in criminal investigations."
Information Technology: DOD Needs to Ensure That Navy Marine Corps Intranet Program Is Meeting Goals and Satisfying Customers, Full-text GAO-07-51, and Highlights, December 8, 2006.
Markle Foundation - Connecting Americans to Their Health Care: A Common Framework for Networked Personal Health Information (41 pages, PDF): "A white paper that describes a networked environment in which consumers could establish secure electronic connections with multiple entities that hold personal health information about them. The paper discusses how consumer participation in networked environments has transformed other sectors, such as travel and finance, and concludes that the health care sector would benefit greatly from a properly designed secure network that enables greater consumer engagement."
Sentinel Audit II: Status of the Federal Bureau of Investigations Case Management System (Redacted), Audit Report 07-03, December 2006 (PDF - Full Report)
U.S. Public Policy Committee of the Association for Computing Machinery: "...the National Institute of Standards and Technology (NIST) released a paper recommending that federal standards allow certification only for "software independent" (i.e. ones that create a paper trail) e-voting systems. A key technical panel will consider and vote upon the recommendations this [week]. Calling these recommendations an important step forward for improving e-voting machine security, USACM issued a letter urging the panel to adopt the recommendations..."
The Third Branch: "On December 1, 2006, amendments to Federal Rules of Civil Procedure 16, 26, 33, 34, 45 and revisions to Form 35 will take effect unless Congress enacts legislation to reject, modify or defer them. These amendments and revisions are all aimed at one particular area of discovery—electronically stored information, meaning all information in computers...One study found that the cost of discovery represents approximately 50 percent of the litigation costs in all cases, and as much as 90 percent of the litigation costs in the cases where discovery is actively employed. A "cottage industry" of forensic specialists has emerged with the sole purpose of assisting law firms comply with their electronic discovery obligations...For more on the specific changes in the rules aimed at discovery of electronically stored information, visit http://www.uscourts.gov/rules/Reports/ST09-2006.pdf."
"Few corporations are prepared for the new federal rules slated to take effect Dec. 1 for electronic discovery of documents in civil cases, according to a survey conducted by Computerworld. About 42% of the 170 IT managers and staffers surveyed said they did not know the status of their company's preparation for the new rules, while 32% said their company was not at all prepared."
Press release: "Lawyers who receive electronic documents are free to look for and use information hidden in metadata – information embedded in electronically produced documents – even if the documents were provided by an opposing lawyer, according to a new ethics opinion from the American Bar Association."
Treasury Inspector General for Tax Administration (TIGTA) "audit found that the use of the Free File Program declined after income restrictions were applied." September 29, 2006 (42 pages, PDF)
AmLaw Tech Survey: Law Firms Play Variations on Old Themes - "The 11th annual survey finds firms expanding IT while adopting new versions of old standards."
Guidelines for State Trial Courts Regarding Discovery of Electronically-Stored Information, Conference of Chief Justices, Approved August 2006.
Press release: California "Attorney General Bill Lockyer today filed felony charges against former Hewlett-Packard Chairwoman Patricia C. Dunn and four other defendants, alleging they committed criminal offenses related to the use of false pretenses to access individuals' phone records during the company's probe of boardroom leaks to the media."
Follow-up to previous postings on EPA's closure of libraries, this press release: "Prosecution of polluters by the U.S. Environmental Protection Agency "will be compromised" due to the loss of "timely, correct and accessible" information from the agency's closure of its network of technical libraries, according to an internal memo released today by Public Employees for Environmental Responsibility (PEER). EPA enforcement staff currently rely upon the libraries to obtain technical information to support pollution prosecutions and to track the business histories of regulated industries."
Metadata and other things that go bump in the night (41 pages, PDF) - "There is data lurking in your data. Some people call it "invisible ink". Microsoft refers to it as "metadata". Either way, the reference is to information in an electronic document that is not always visible. This session will explain the dangers of metadata, how to avoid it, and recent bar association interest in the ethics of exposing or mining metadata." [by Catherine Sanders Reach]
Press release, August 17, 2006, U.S. Citizenship and Immigration Services: "USCIS Announces Establishment of a Records Digitization Facility in Williamsburg, Ky., that will digitize more than one million UCIS Alien-Files (A-Files) during the first phase...[there are approximately 70 million immigration records]."
Final Rule: Safe Harbors for Certain Electronic Prescribing and Electronic Health Records Arrangements Under the Anti-Kickback Statute, pre-publication copy - to be published in August 8, 2006 Federal Register. (133 pages, PDF)
Related references:
Financial Restatements: Update of Public Company Trends, Market Impacts, and Regulatory Enforcement Activities, Full text GAO-06-678, and Highlights, July 24, 2006.
Press release: "CA today announced a new security survey of 642 large North American organizations which shows that more than 84% experienced a security incident over the past 12 months and that the number of breaches continues to rise. According to the findings, security breaches have increased 17% since 2003. As a result, 54% of organizations reported lost workforce productivity; 25% reported public embarrassment, loss of trust/confidence and damage to reputation; and 20% reported losses in revenue, customers or other tangible assets. Of the organizations which experienced a security breach, 38% suffered an internal breach of security."
"The potential benefits of sharing patient electronic records within health systems are broadly agreed, but concerns remain over patient consent and security. Experts in this week's BMJ discuss how patients should consent to use of electronic records in the NHS and how the data can be kept secure."
Press release: "The Federal Trade Commission and the Department of Justice's (DOJ) Antitrust Division today announced that they are implementing an electronic filing system that allows merging parties to submit via the Internet premerger notification filings required by the Hart-Scott-Rodino (HSR) Act. Electronic filings may be submitted quickly and easily, eliminating the time and expense entailed in duplicating and delivering documents."
Related government documents:
"...the eHealth Vulnerability Reporting Program (eHVRP) is a collaborative of health care industry organizations, technology companies and security professionals. eHVRP’s mandate is to establish approaches and procedures that will help ensure eHealth systems are broadly and rapidly deployed with the highest levels of privacy and security."
An interesting article in today's National Law Journal (free) discusses issues associated with the integrity of digital evidence, including email, photos, and metadata.
SEC press release: "The Securities and Exchange Commission today filed a civil injunctive action against Morgan Stanley & Co. Incorporated for failing to produce tens of thousands of e-mails during the Commission's IPO and Research Analyst investigations from Dec. 11, 2000, through at least July 2005. The Commission alleges in its complaint that Morgan Stanley did not diligently search for back-up tapes containing responsive e-mails until 2005. Morgan Stanley also failed to produce responsive e-mails because it over-wrote back-up tapes."
Sarbanes-Oxley Act: Consideration of Key Principles Needed in Addressing Implementation for Smaller Public Companies,
Full Report GAO-06-361, and Highlights, April 13, 2006.
HealthNex blog, sponsored by IBM, is a joint effort by industry and consumer groups, focused on sharing resources pertaining to e-health records and other IT related issues (such as RFID technology and patient privacy).
Information Technology: Near-Term Effort to Automate Paper-Based Immigration Files Needs Planning Improvements, Full text GAO-06-375, Highlights, March 31, 2006.
Follow the E-Mail Trail - What you can learn from the data embedded in e-mail headers, by Mark A. Berman and Aaron Zerykier, The National Law Journal.
ComputerWorld reports that Westchester County in New York is the first county in the nation to require all businesses with wireless networks that collect consumer related data to use "minimun security measures."
Financial Management Systems: Lack of Disciplined Process Puts Effective Implementation of Treasury's Governmentwide Financial Report System at Risk, Full-text GAO-06-413, Highlights, April 21, 2006.
ABA Journal: Understanding Search-Term Basics Ensures More Thorough E-Discovery Compliance
Federal Register: April 10, 2006 (Volume 71, Number 68)][Rules and Regulations][Page 18007-18008], National Archives and Records Administration (NARA), Final Rule: "The Information Security Oversight Office (ISOO), National Archives and Records Administration (NARA), is publishing this Directive pursuant to section 102(b)(1) of Executive Order 12829, as amended, relating to the National Industrial Security Program. This order establishes a National Industrial Security Program (NISP) to safeguard Federal Government classified information that is released to contractors, licensees, and grantees of the United States Government. Redundant, overlapping, or unnecessary requirements impede those interests. Therefore, the NISP serves as the single, integrated, cohesive industrial security program to protect classified information and to preserve our Nation's economic and technological interests. This Directive sets forth guidance to agencies to set uniform standards throughout the NISP that promote these objectives."
FCW.com: Agencies risk unwitting release of sensitive information using popular office software: "The causes of much of the hidden data problem are users' ignorance of how digital documents work and software companies' tendency to give customers too much of what they want — ease of use and flexibility."
New York Times interview with DHS Director Michael Chertoff,by Deborah Solomon, April 2, 2006: Chertoff states, "I don't use e-mail. One reason is when you write an e-mail, you have to be mindful of the fact that nothing ever disappears. It can be deleted, but it is still in the system somewhere...They can get me. They don't need to e-mail me. There's a thing called a telephone."
Defense Critical Technologies, (151 pages, PDF), March 2006. This report is a product of the Defense Science Board (U.S.) and the Defence Scientific Advisory Council (UK). This report is unclassified.
ComputerWorld reports on enterprisewide search applications implemented by large corporations for a range of tasks, including competitive intelligence, e-discovery, and generating intranet content. Solutions such as FAST, Autonomy and Endeca index formats including text, audio and video.
Federal Bureau of Investigation: Weak Controls over Trilogy Project Led to Payment of Questionable Contractor Costs and Missing Assets, Full-text, GAO-06-306, and Highlights, February 28, 2006.
Adobe whitepaper, Redaction of Confidential Information in a Document: "How to safely remove sensitive information from Microsoft Word documents and convert to PDF"
Follow-up to National Journal Article Claims Curtailed Gov't Surveillance Program Still Active, from today's New York Times, Taking Spying to Higher Level, Agencies Look for More Ways to Mine Data: "...by fundamentally changing the nature of surveillance, high-tech data mining raises privacy concerns that are only beginning to be debated widely. That is because to find illicit activities it is necessary to turn loose software sentinels to examine all digital behavior whether it is innocent or not."
"Summary: NARA is revising our regulations to provide for the appropriate management and disposition of very short-term temporary e-mail, by allowing agencies to manage these records within the e-mail system." Federal Register, February 21, 2006 (Volume 71, Number 34)] [Rules and Regulations][Page 8806-8808].
New York Times: Too Many New Gadgets, Too Much Information at Risk: Loss, theft and viruses are major issues as corporate use of handheld devices and pocket PCs increases. Pre-emptive security options are available however, as this article describes.