Health care technology, particularly digital medicine, promises great new capabilities that will improve outcomes and reduce overall costs and time constraints. Digital medicine encompasses a broad-range of technologies, from technologies used to record, retain, and manipulate health data (i.e., Electronic Health Records aka., EHRs) and thereby make it more useable and amenable to analysis; to actual tools in clinical care (i.e., medical imaging, wearable sensors) that can measure physiological parameters or patient activity and facilitate clinical care and decision-making.
This post is part of a continuing DBR on Data series on Executive Order 13800 and updates on its implementation a year after passage.
Strengthening federal information technology (IT) has been one of the priorities of the current administration, as outlined in the May 2017 Executive Order 13800. As summarized in our previous blog, the Director of the American Technology Council (ATC) was tasked, among other things, to coordinate the preparation of a report to the president regarding modernization of federal IT infrastructure. The draft report was made available for public comment in August, and finalized in December 2017. The final report’s implementation clock started on January 1, 2018.
This is the first post in a DBR on Data series on Executive Order 13800 and updates on its implementation a year after passage.
The White House Office of Management and Budget (OMB) released in May 2018 its report to the president on federal cybersecurity risk determination. The report, which responds to the President’s May 2017 Executive Order 13800, entitled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” comes as several key reports also required by Executive Order 13800 have been recently released in full or in summary form. The Federal Cybersecurity Risk Determination Report and Action Plan concludes that the recent government-wide cybersecurity risk assessment conducted by the OMB, in collaboration with the Department of Homeland Security (DHS), confirms the need for the U.S. government to take “bold approaches” to improve federal cybersecurity.
The 9th U.S. Circuit Court of Appeals affirmed the district court’s ruling in Aqua Star (USA) Corp., vs Travelers Casualty and Surety Company of America. The case involved fraudulent emails purporting to be from the insured’s suppliers directing that the insured direct its payments to a new account purportedly opened by that supplier. Based on that fraudulent communication, the insured transferred $713,890 due its supplier to the fraudulent “new account.”
The Department of Justice announced the unsealing of a federal indictment charging 36 individuals for their alleged roles in the Infraud Organization, an Internet-based cybercriminal enterprise that is alleged to have engaged in a large-scale cyberfraud. The indictment alleges that the enterprise caused more than $530 million in actual losses to consumer, businesses, and financial institutions.
On February 14, 2018, the National Institute of Standards and Technology (NIST) released a draft of its NIST Interagency Report 8200 (NISTIR 8200), which is intended to inform policymakers and standards participants in developing and implementing cybersecurity standards in and for IoT devices and systems. At a high level, the draft report is intended to:
- provide a functional description for IoT (Section 4);
- describe several IoT applications that are representative examples of IoT (Section 5);
- summarize the cybersecurity core areas and provides examples of relevant standards (Section 6);
- describe IoT cybersecurity objectives, risks, and threats (Section 7);
- provide an analysis of the standards landscape for IoT cybersecurity (Sections 8 and 9); and
- map IoT relevant cybersecurity standards to cybersecurity core areas (Appendix D).