John Wood of Telos Corporation provides an inside look into the Virginia Cyber Security Commission, established by Gov. Terry McAuliffe in 2014.


Shortly after taking office in 2014, Gov. Terry McAuliffe signed an Executive Order establishing the Virginia Cyber Security Commission “to bring public and private sector experts together to make recommendations on how to make Virginia the national leader in cyber security.”  It was my privilege to serve as a member of the Virginia Cyber Security Commission for the past two years, and I want to commend my fellow commissioners for their contributions, particularly Co-Chairs Richard Clarke and Secretary of Technology Karen Jackson, as well as our executive director, Rear Adm. Bob Day (Ret.).  With the Commission’s two-year authority ending this spring, it’s a good time to look back on what was accomplished and to see what’s next.

Being on the Commission was an eye-opener in many ways. The Commonwealth faces numerous and evolving challenges in the battle to secure state and local government networks, and to help protect the private sector and citizens of Virginia.  I was incredibly impressed with how open and honest our discussions were as we explored many complex issues.  This includes not only commissioners but the Governor’s appointees and other state employees who were party to our discussions – they were remarkably candid with us about the serious threats Virginia faces in cyber space and what actions are needed. We heard from and worked with representatives from state and federal law enforcement, the Virginia chief information officer, and other state government information security professionals. It was refreshing to hear such blunt assessments of our vulnerabilities – there was no “bureaucratic” caution, probably because the threat is so real and so immediate.

The Commission served to shine a bright light on the challenges facing Virginia. We made a number of recommendations that led to subsequent actions by the Governor and General Assembly, improving Virginia’s cyber security posture.  Moreover, our activities have better positioned Virginia’s cyber security sector to be a vibrant national leader. These results are consistent with the Governor’s desire to “grow this key industry, keep Virginia’s cyber assets safe and create new, good jobs here in the Commonwealth.” 

I urge everyone to read the report issued last summer by the Commission.  It notes some of the recommendations that were already accepted by the Governor and adopted by the General Assembly, such as new laws to help prosecute cyber crime and put in place other policies to better protect Virginians.  More importantly, the report raises a number of issues that require further work.  The effort must continue – there is much to be done, and Virginia’s public and private sectors must continuously work together to illuminate the changing threats we face and to swiftly take appropriate actions to address them.

It was gratifying to see how easy it is to get things done when people work together to find consensus.  The Commission explored problems and made recommendations, and the Governor and General Assembly took action.  That’s the way government is supposed to work.

At the same time, I saw how difficult it is to get things accomplished when competing agendas battle for the same limited pool of resources. That was my biggest disappointment.  In our report, we identified a real need for dedicated funding to promote collaborative cyber security research and development between the higher education community and private sector. That course was endorsed by the members of the General Assembly’s own Joint Commission on Technology & Science (JCOTS), which recommended $5 million to fund this effort. But this bi-partisan recommendation was set aside in Richmond, at least for now, because there were simply too many R&D agendas fighting for the same pool of money and attention.  I am hopeful the Governor and General Assembly will return to this because I firmly believe, as do many of my fellow Commissioners and the members of JCOTS, that collaborative R&D will be a key element in our drive to grow the industry and make Virginia THE leader in cyber security.

One final note: cyber security does not recognize man-made, political boundaries.  In that light, we in the technology sector should be looking at where other companies and other states are making investments (like in R&D), and see where we might do the same. Similarly, I hope the Commission’s work will set an example for other states, and help to chart a path for Gov. McAuliffe to pursue greater cooperation among the states.  I know he is interested in making intrastate and interstate cyber security a major focus during his upcoming term as chairman of the National Governors Association, and Virginia’s cyber security leaders in the private sector should support his efforts in any way we can.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Most countries have a centralized model for managing healthcare supplies, but there is room for other options. This week on NVTC’s blog, LMI’s Taylor Wilkerson outlines three models that can help you choose the best option for your national healthcare system.


Most countries have a centralized model for managing healthcare supplies, but there is room for other options. The following decision tree can help you choose the best option for your national healthcare system. Note that all three models assume that contracts with vendors have been centrally negotiated to ensure bulk pricing. Determine the best model for your healthcare supply chain with three questions.


If your best option is a Vendor-Managed Inventory Model, vendors own and maintain the medical supply inventories at facilities around your country and are responsible for inventory fulfillment. Pricing is based on pre-negotiated bulk contracts.

Key Benefits

  • You don’t have to manage transportation or storage of supplies.
  • Since inventories are stored in facilities around your country, your healthcare supply system may be more flexible in times of disaster.

Key Disadvantages

  • To ensure standardized levels of care across the country, this model requires clearly defined management processes and data systems.
  • Analysis is needed to know whether vendor delivery costs would be more and less than one managed by your administration.

If you choose the Vendor-Managed Delivery Model, vendors manage delivery of supplies around your country. Districts, counties, or facilities place direct orders with vendors, with pricing based on pre-negotiated bulk contracts. The pricing includes delivery costs.

Key Benefits

  • You don’t have to manage transportation of supplies.
  • In case of disaster, the flexibility of your healthcare supplies depends on the resilience of your vendor’s delivery systems.

Key Disadvantages

  • To ensure standardized levels of care across the country, this model requires clearly defined management processes and data systems.
  • Analysis is needed to know whether vendor delivery costs would be more and less than one managed by your administration.

If your best option is a Centralized Inventory Model, you hold all inventory in a central warehouse and ship to medical facilities as needed.

 

Key Benefits

  • With all supplies are in one location, you can easily track inventory, even if you have not been able to invest in sophisticated data systems.
  • You may be able to negotiate the least expensive warehouse costs, since you need only one facility.
  • There is lower risk of running out of one type of supply, since overall inventory is larger than when it is stored regionally.

Key Disadvantage

  • In times of disaster, having all supplies in one location could make your healthcare system vulnerable.

Mr. Wilkerson heads the Global Health group at LMI. Mr. Wilkerson co-chairs the Supply Chain Risk Leadership Council and chairs the Penn State Center for Supply Chain Research advisory board. He has an MBA from the University of Maryland, and BE in mechanical engineering from Vanderbilt University.

Mr. Colaianni works in the Global Health group at LMI and manages supply management systems and policy. Formerly, Mr. Colaianni was an Army officer and managed the medical equipment program for Walter Reed Army Medical Center. Most countries have a centralized model for managing healthcare supplies, but there is room for other options. This week on NVTC’s blog, LMI’s Taylor Wilkerson outlines three models that can help you choose the best option for your national healthcare system. 

 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Preparing for Genomics and Health Data Analytics

February 1st, 2016 | Posted by Sarah Jones in Guest Blogs - (Comments Off)

This week on NVTC’s Blog, LMI Senior Consultant Daniel DuBravec notes that we need to prepare for personalized medicine and the evaluation of genomic data.


Today’s electronic health record (EHR) systems cannot properly handle genomic data. Interpreting these huge and complex data, particularly in a visual manner, is challenging. Even when EHR systems can access these data, few standards exist for how to structure them to ensure seamless system integration, interoperability, and interpretation. Most medical schools do not teach doctors how to interpret genetic data, and local-level care centers require training on proper data storage and network security.

Precision medicine predicts, prevents, and treats diseases at the patient level. Its growth has created the need for internationally recognized genomic EHR standards and policies, which would protect individuals by ultimately improving patient outcomes. We need to prepare for a future in which medicine is more personalized and better able to evaluate genomic data. 

Real, Inspiring Stories

Recently, I met a colleague whose daughter is suffering from a genetic condition known as Stargardt disease. Sadly, her daughter is rapidly losing her vision. This disease, a form of juvenile macular degeneration, can only appear in children when both parents carry the mutated gene. If the gene had been identified at an early stage, medical practitioners would have had more time to investigate new drug therapies and gene-editing technologies to treat my colleague’s daughter. As part of her interoperable medical genetic record, physicians at research institutions who were also working on her case could have then viewed and collaborated by using this critical information. Hitting close to home, this is one of many stories that inspire us to prepare for the widespread application of precision medicine and genomic data analysis.

Making Genomic Data Useful for Medical Practitioners

The future of patient care requires connecting large external data sets with electronic healthcare records. Precision medicine will customize treatments down to a patient’s genes and behavior. By analyzing genetic data across thousands of people, scientists will discover preventative treatments and cures for challenging health issues.

Given the complexity of health and genomic data, one can analyze the same data in different ways and achieve different outcomes. “Well-designed data visualization could help doctors interpret the data more rapidly, arriving at more challenging diagnoses in less time,” says Erin Gordon, data visualization trainer and graphic facilitator at LMI.

Before developing a framework for integrating and analyzing disparate health data sets, we test our models for validity. “The quality of our medical data models has a direct impact on patient outcomes and daily operations in medical facilities,” says Brent Auble, a consultant with the Intelligence Programs group at LMI. To support LMI’s research into healthcare data management, our team set up a Hadoop cluster, which is a group of servers designed to quickly analyze massive quantities of structured and unstructured data.

Building the Future of Healthcare Analytics

Ultimately, to meet the growth in precision medicine and the use of health data analytics, future EHR systems need to:

  • automatically generate comparisons of multiple genomes,
  • identify and match genetic variants based on known diseases,
  • ensure patient data privacy, and
  • integrate and search medical publications and scientific research for relevant patient data.

Preparation is key in order to predict, prevent, and treat disease as medicine evolves.


Dan DuBravec is a senior consultant at LMI, leading IT implementation projects. Mr. DuBravec holds multiple EHR certifications, as well as a BS in product design from Illinois State University and an MS in educational technology leadership from George Washington University.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s Blog, Business Development, Marketing & Sales Vice Chair Jenny Couch of member company Providge Consulting shares critical changes to the IT landscape that your healthcare organization needs to have on its radar.


These days, technology seems to advance too rapidly for most of us to keep up. It’s certainly moving too rapidly for organizations to keep up with every single one of the “hot” trends.

healthITIn the noisy field of today’s latest tech, it’s all too easy to get caught up in the buzzwords and lists of “This Year’s Hottest IT Trends”, and miss the truly critical changes to the IT landscape that your organization needs to have on its radar.

The healthcare industry is uniquely positioned to be impacted by a convergence of critical IT trends within the coming years. But with budgets decreasing, and resource pools shrinking, it’s more challenging than ever to prioritize IT needs within the healthcare space.

We’ve highlighted the top five technology trends healthcare organizations must have on their radar in 2016.

  1. Cloud computing. Whether it’s a pharmaceutical company needing to store large amounts of data from clinical trials, or a hospital with a newly implemented EHR system, healthcare organizations of all kinds are increasingly turning to cloud computing for a variety of uses. According to Healthcare Informatics, the global healthcare cloud computing market is expected to reach $9.5 billion by 2020. And 83 percent of healthcare organizations are already leveraging the cloud. Only 6 percent of organizations have no plans to take advantage of the cloud in the coming years. If you’re in that 6 percent, it’s time to reconsider your plans. Cloud computing can be used to decrease costs, improve access, and create a better user experience for any healthcare organization. But, it’s critical that your organization take a strategic approach to moving to the cloud. Learn more about how you can leverage the cloud to best support your organization here. 
  2. The Internet of Things. Take a look at that FitBit on your wrist. Think about the incredible amount of data that one tiny device is generating constantly. The number of steps you take, the calories you burn, your sleep pattern, the stairs you climbed. These devices get more accurate and more intricate with every passing day. We are not far off from a future when we’ll be able to monitor nearly every aspect of our health, and the health of our loved ones without setting foot in a doctor’s office. Healthcare organizations will have to find a way to address what will be tectonic shift in how care is delivered. Communication methods will need to be established to collect the data generated by wearable and mobile devices. Methods for collecting and analyzing the influx of data will need to be developed so patterns can be identified. The manner in which treatment is delivered will have to change as we move away from the traditional doctor’s office visits, and into a world where a diagnosis can be made through analyzing the information generated through a patient’s mobile device, car, appliances, wearables, etc. And while this future may not quite be a reality, it’s coming soon, and healthcare organizations need to start preparing today.
  3. Data Explosion. Big data. Data analytics. Whatever term you use, the unparalleled rise in the amount and accessibility of data over the past few years is certain to have a massive impact on the healthcare industry. The explosion in big data occurred so quickly that 41 percent of healthcare executives say their data volume has increased by 50 percent or more from just one year ago. 50 percent in just one year. This incredible increase in data will allow medical professionals to more quickly and more accurately diagnose patients, but as with the Internet of Things, it will require fundamental shifts in how data is managed and how care is administrated. Healthcare organizations will need to train, or hire a workforce with the right data analysis  and medical skill sets. Regulations, processes, and platforms will need to be developed or implemented. Healthcare organizations who ignore this trend do so at their own peril. For as Accenture notes in a report released earlier this year for those who take advantage of the wealth of opportunity within big data, “Greater operational excellence and improved clinical outcomes await those who grasp the upside potential.”
  4. Efficiency in IT. If you haven’t heard the phrase “Doing more with less”  in the past few months, it’s probably time to climb out from under that rock you’ve been living under. With healthcare spending wildly out of control in the United States, every healthcare organization from physician’s offices to the largest hospital chains are being asked to do more with less. IT is a particularly ripe area for cutting costs, and resources. In 2016, the emphasis on doing more with less in IT will continue. Expect to see IT departments pursue options such as moving to the cloud, outsourced managed services, and bring your own device to help decrease IT operating costs.
  5. Cybersecurity. In 2014, 42 percent of all serious data breaches occurred at healthcare organizations. Sadly, this trend is certain to continue its upward trajectory in the coming years. Healthcare organizations who have not adequately upgraded their systems, and developed a thorough cybersecurity strategy are especially vulnerable to attack. Now is time to evaluate your systems, processes, and resourcing. Make sure your organization is positioned to proactively protect against attacks where possible, and identify and respond rapidly to breaches when they do occur.

Planning your 2016 health IT projects and priorities? Looking for a partner that will truly understand the challenges you are facing and the need to ensure success? Get in touch with us today. Our experienced health IT experts know the obstacles you face, and are ready to partner with you to deliver your projects on time, and on budget in 2016 and beyond.


Jenny Couch

This post was written by Jenny Couch. Couch is a project management consultant, and Providge’s Business Development Manager. She loves efficiency, to-do lists, and delivering projects on-time and on-budget.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s blog, Kathy Stershic of member company Dialog Communications shares her final thoughts of her Brand Reputation in the Era of Data series.


Over the past few weeks, I’ve outlined 8 Principles that will help marketers protect and strengthen their brands in an era of radical change, where there is great temptation (and quite likely management pressure) to push boundaries further than ever before. Throughout this time and many preceding months, I’ve had countless conversations with people about the state of their data as well as the modern conveniences upon which they’ve come to rely. I’ve heard a Big Data expert actively advocating for stretching the law (or hinting at crossing the line) for the sake of competitive advantage. I’m sure he is not alone in that opinion. We are, all of us, currently in the Wild West.

While technology is accelerating what’s possible, the ideas outlined in the 8 Principles come back to common fundamental and timeless human needs that will outlast every wave of technology: People protecting what’s theirs, seeking respect and dignity, wanting control of their lives, enjoying freedom and avoiding harm. The brands they will choose for anything more than a one-time experience will be those who understand those concerns, and actively work to enable them.

There is more to brand reputation than being the app of the moment. Not every new thing will be transformational. But businesses who innovate as well as who truly respect their customers and actively work to earn trust stand a far greater chance of longevity than those who rely on buzz about the shiny new object, or who exploit to maximum advantage thinking the ‘sheeple’ won’t notice. It will take work. It will take awareness. It will take intention. It will take courage. And it will take leadership.

Eventually today’s Wild West will give way to a more mature market dynamic. Embracing these 8 Principles may help ensure your company is there when that time comes – or even leading the way.

Brand Reputation in the Era of Data – Principle 1: Empower Customer Control
Brand Reputation in the Era of Data – Principle 2: Be Clear and Accountable
Brand Reputation in the Era of Data – Principle 3: Do Everything You Can to Protect Customer Data
Brand Reputation in the Era of Data – Principle 4: Mind Your Partners!
Brand Reputation in the Era of Data – Principle 5: Practice Customer Empathy
Brand Reputation in the Era of Data – Principle 6: Comply with All Applicable Laws and Regulations. Then Exceed Them.
Brand Reputation in the Era of Data – Principle 7: Apply Technology Thoughtfully
Brand Reputation in the Era of Data – Principle 8: Actively Demonstrate Respect for Your Customers

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s blog, Kathy Stershic of member company Dialog Communications continues her Brand Reputation in the Era of Data series by sharing principle eight: actively demonstrating respect for your customers.


The final of these 8 Principles clarifies a concept implied across the other seven. To become and remain a successful brand, businesses must actively demonstrate customer respect. Just saying ‘We respect our customers!’ is not enough. Prove it.

This can take many forms, from being transparent and honest about data collection and sharing practices to moderating your outreach below the annoyance level to integrating this attitude into your culture and policies – and many other opportunities mentioned through these posts.

Disrespectful practices were often brought up in the comments I’ve gotten. One respondent noted that “I want to feel like a vendor respects my data as much as I do.” People do not like bait-and-switch, confusing changes to privacy policies or anything that feels sneaky. They don’t like the burden of responsibility to stop something, like too much email or too many pop-ups. When everyone is tired or busy from their own lives, wearing people down or hoping they won’t notice might produce a short term win, but not long-term loyalty.

Having a straightforward dialog with your customers – even the ones who are unhappy with you – is another way to show respect. Everyone messes up – own it! Apologize, make it right and move on. If it wasn’t your fault, but there’s a small cost to making someone feel respected anyway – do it! Nordstrom figured this out a long time ago.

Nothing about customers wanting to feel respected and treated fairly is new. What is new is the exponential increase in vendor relationships enabled through technology. With the tremendous choice the modern customer enjoys, utility, benefit, quality and value are now table stakes. A differentiated and trusted experience, that includes feeling respected, is what will stand out. Someone’s choice of your product or service is a privilege. One of the best quotes from the respondent feedback sums it up: “Respect the customer and the customer will respect you.”

Brand Reputation in the Era of Data: 8 Principles for Responsible Data Stewardship That Won’t Kill Your Customer Relationships
Brand Reputation in the Era of Data – Principle 1: Empower Customer Control
Brand Reputation in the Era of Data – Principle 2: Be Clear and Accountable
Brand Reputation in the Era of Data – Principle 3: Do Everything You Can to Protect Customer Data
Brand Reputation in the Era of Data – Principle 4: Mind Your Partners!
Brand Reputation in the Era of Data – Principle 5: Practice Customer Empathy
Brand Reputation in the Era of Data – Principle 6: Comply with All Applicable Laws and Regulations. Then Exceed Them.
Brand Reputation in the Era of Data – Principle 7: Apply Technology Thoughtfully

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Growth Companies Benefit From Final Crowdfunding Rules

December 8th, 2015 | Posted by Sarah Jones in Guest Blogs - (Comments Off)

This week on NVTC’s blog, Alex Castelli of NVTC member CohnReznick shares how the SEC’s adoption of new crowdfunding rules could be a game changer for growth-focused businesses and investors.


The SEC’s adoption of new crowdfunding rules could be a game changer for growth-focused businesses and investors

On Oct. 30, 2015, the SEC approved final rules that permit companies to offer and sell securities through crowdfunding. The new rules provide another capital raising option for growth-oriented companies and offer additional options for investors who want to get in on the ground floor of in what could be a very successful business.

Benefits to Companies and Investors

Some of the key benefits of the SEC’s rules permitting crowdfunding or, simply put, the ability of companies to raise capital from the general public through the Internet are listed below.

  • Early-stage and growth companies that may be unable or unwilling to raise capital from institutional or private investors have access to another source of capital.
  • By offering and selling equity in their company through the Internet, companies gain a wider and more efficient distribution of the offering to a larger audience when compared to traditional sources.
  • Using the Internet to offer and sell securities should decrease the cost of capital
  • Non-accredited individual investors, previously excluded from equity crowdfunding investments, are now invited to become investors with certain limitations.
  • Investors have a level of protection since companies raising capital through crowdfunding will be required to utilize funding portals or registered broker dealers and will have certain disclosure requirements to investors. Additionally, funding portals that wish to participate in the crowdfunding process as an intermediary will be required to register with the SEC and become a member of FINRA.

Launching Your Crowdfunding Campaign

Even if you are a tremendously successful owner or executive, a successful crowdfunding effort will require expert marketing surrounding your efforts to raise funds. You and the members of your management team will assume the responsibility of formulating a marketing campaign to create interest in your offering. You’ll need a good story to tell investors complete with business plans, financial statements and projections.

In the crowd, you’ll be competing for investment dollars with other companies so you need to engage in strategies to elevate your offering over all others. Earning the trust and confidence of investors can lead to a successful offering. Consider activities that could strengthen your relationships with clients, customers, and even vendors. These relationships may help to support a successful crowdfunding campaign and could represent your future investors.

To launch your crowdfunding campaign, you’ll be using the services of an SEC registered broker/dealer or SEC registered crowdfunding platform or funding portal. Each will probably offer different services and fee structures. Once your customers, clients, and vendors have invested in your business, you may want to reach out to a broader base of potential investors. Getting your offer in front of the right investors will be critical to achieving your capital raising goals.

As a private company, you may not be accustomed to sharing operational and financial information publically. A successful crowdfunding campaign may require additional transparency if you are to build trust and confidence in prospective investors. If you are not comfortable sharing company information with the world, you may want to explore a more proprietary method of raising capital.

Once you have executed a successful crowdfunding campaign, you will need to have a plan on how you will continue to communicate to your new investors. How much information are you willing to share? Which rights to information will investors have? Consider creating an investor-only section on your company’s website where you can post periodic information about your company’s progress, financial results, etc. Transparency is the key if you want to keep your investors informed and hungry to make additional investment in the future.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s blog, NVTC member company Kathy Stershic of Dialog Communications continues her Brand Reputation in the Era of Data series by sharing principle seven: applying technology thoughtfully while preserving customer data. 


Recently, Chapman University published the results of its survey America’s Top Fears 2015. Respondents were asked their fear level about different factors ranging from crime to disasters to their personal futures. FIVE OF THE TOP TEN THINGS PEOPLE FEAR ARE RELATED TO MIS-USE OF THEIR DATA! That includes cyber-terrorism, corporate tracking of personal information, government tracking of personal information, identity theft and credit card fraud. That’s out of 88 possible things to be afraid of!

There is a tidal wave of automation being applied to data collection and usage practices. I suggest that just because you can do something doesn’t always mean you should. We are approaching a tipping point around the creep factor of having everything that one does be tracked. People are tired of constant advertisements, witnessed by the increased adoption of ad blocking technology, and especially Apple’s recent iOS 9’s robust blocking capability for Safari – which has been heralded as the potential death of online advertising. As ads are blocked, marketers need to find other ways to get their message through, such as direct contact with mobile devices. That will require permission from each user. And that means you have to be delivering a lot of value while also showing some restraint in the level and frequency of contact.

Another interesting wrinkle is the October 6 ruling by the EU Court of Justice that struck down what is called Safe Harbor, a policy that allowed self-certification by U.S. companies to say their data protection standards were sufficient for EU citizens, who are protected by strict privacy law. Israel followed suit on Oct. 20. What happens next is yet to be determined, but everyone is scrambling to figure out how to protect their international business by the end of January grace period.

When practices get abused, people fight back or tune out. It’s human nature. In e-chatting during a webinar this week with its moderator Chris Surdak, a big data expert, (who I thought discussed unbridled capitalism more extremely than anyone I have ever heard), he noted regarding privacy that “The backlash will be epic, if we ever get there.” Hmmm. A thoughtful approach to what you collect, how you collect and use it, how long you keep what you collect, with whom you share it and what they do with it will better serve and protect your business and your brand through changes in customer sentiment and the regulatory environment.

Brand Reputation in the Era of Data: 8 Principles for Responsible Data Stewardship That Won’t Kill Your Customer Relationships
Brand Reputation in the Era of Data – Principle 1: Empower Customer Control
Brand Reputation in the Era of Data – Principle 2: Be Clear and Accountable
Brand Reputation in the Era of Data – Principle 3: Do Everything You Can to Protect Customer Data
Brand Reputation in the Era of Data – Principle 4: Mind Your Partners!
Brand Reputation in the Era of Data – Principle 5: Practice Customer Empathy
Brand Reputation in the Era of Data – Principle 6: Comply with All Applicable Laws and Regulations. Then Exceed Them.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s blog, NVTC member LMI shares how emerging technology is making it easier for agencies and their partners to share essential data, even when the organizations have different security policies and protocols.


Last week’s Virtualization in a Collaborative Information Sharing Environment Forum, sponsored by the Intelligence and National Security Alliance (INSA), shed light on how emerging technology is making it easier for agencies and their partners to share essential data, even when the organizations have different security policies and protocols.

Network virtualization, also known as software-defined networking, uses cloud-based principles and technology to provide a more efficient IT infrastructure while opening the door for different types of users to seamlessly access information for which they are authorized by law and policy.

Kshemendra Paul, who oversees the Information Sharing Environment (ISE), noted that the original vision of a single, universal cloud providing services to all federal agencies has changed. Today, ISE’s emphasis is to establish common policy to “federate trust.”

Groups with different security and access controls share many common elements around trust (i.e., business rules for issuing credentials, individual attributes, data retention), so there is a framework for a diverse range of professionals to come together and share data. Paul noted Alabama already has developed a trust framework to enable the medical and law enforcement communities to share casework data.

To move agencies to a state where users share information without being hampered by technology, the panel discussed the following.

Network virtualization

  • Is gaining momentum—already, the National Geospatial-Intelligence Agency is fast-tracking implementation of network virtualization and wants other agencies to join.
  • Could automate security policy—by using the National Institute of Standards and Technology (NIST) framework for trusted identities in cyberspace, XML could be used to translate thousands of access control policies into machine-executable code.
  • Offers flexibility and immediacy—agencies will be able to expand and contract networks, as needed, as well as create them and move them around rapidly.
  • Creates efficiencies—alongside enhancing mission capabilities, virtualization lowers costs and improves end-user service through faster configuration and instant upgrades.
  • Tightens security—patches are quickly applied, since IT departments know all the users and applications for a given network.

Key challenges for implementing virtualization include change management and security. Seamlessly sharing sensitive information between organizations often goes against the grain of agency culture. Making virtualization scalable requires a culture change.

Security remains a constant challenge. As the data grow, IT departments will need to analyze bigger and bigger data sets to find insiders behaving badly. The right security investments need to be set aside for virtualization projects.

Keith Nelson is a member of LMI’s Organizational and Human Capital Solutions group, supporting human resources IT, workforce management, succession planning, and performance management for the State Department, the Department of Homeland Security, and the General Services Administration. Mr. Nelson holds an MBA from UCLA and a Master of Journalism from UC Berkeley.

 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s blog, NVTC member company Kathy Stershic of Dialog Communications continues her Brand Reputation in the Era of Data series by sharing principle six: comply with all applicable laws and regulations - then exceed them. 


There are a LOT of laws and regulations out there that govern data handling and privacy. They vary according to where you conduct business. The European Union has the strictest set of laws that are built on the principle of human rights. The United States has what’s called a sectoral approach, that is different laws are set for different sectors – like HIPAA for healthcare, Gramm Leach Bliley for Finance, the Cable TV Privacy Act, the Electronic Communications Privacy Act and on. In the US, 47 of 50 states also currently have data breach notification laws, all of them slightly different. Asian countries adopt data protection laws and sectoral laws. Many Latin American countries have constitutional guarantees, data protection laws, and sectoral laws. Yikes! It’s a lot to comply with – and just to keep things fun, laws and regulations are changing and updating all the time.

Realistically, marketers are not going to know every legal requirement that impacts their organization. But you should at least be aware of the basic principles of what’s allowed in the places you do business, then coordinate with Legal (I know, I know!) on how to stay out of trouble. This discovery can also happen through a process called a Privacy Impact Assessment, mentioned in my previous post.

Observing laws and regulations must be standard operating procedure. But just being compliant really isn’t enough to enhance your position in a fickle and frenetic market. Think about it this way – do you want your child to just stay out of trouble at school, or be a leader in the classroom? Where’s the attention going to go? You sure don’t want to stand out in a bad way – like being one of the 256 app providers who violated the privacy terms they contracted with Apple.

Going beyond the legal minimum and making extra effort will help your business differentiate as a trusted source. Simplified privacy policy language will help. Minimizing data collection and retention (yes, you CAN get rid of stuff!) will help. So will being transparent at all times about your practices and behaviors. Use creative ways to tell the story to your customers and stakeholders – through vignettes, through messaging, through customer service scripts – put it out there. Earning trust marks like TRUSTe really sends the message that you take data stewardship seriously.

Your customers expect you to comply with the law. They want to feel like you care and are proactive about protecting their data. I firmly believe that the great majority of people want to do the right thing; it comes back to mindfulness and balance between enthusiastic pursuit of business objectives and a bit of thoughtful restraint.

Brand Reputation in the Era of Data: 8 Principles for Responsible Data Stewardship That Won’t Kill Your Customer Relationships
Brand Reputation in the Era of Data – Principle 1: Empower Customer Control
Brand Reputation in the Era of Data – Principle 2: Be Clear and Accountable
Brand Reputation in the Era of Data – Principle 3: Do Everything You Can to Protect Customer Data
Brand Reputation in the Era of Data – Principle 4: Mind Your Partners!
Brand Reputation in the Era of Data – Principle 5: Practice Customer Empathy

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS