Healthcare is the new Internet, asserts David Randall and Christina Farr in Reuters —at least when it comes to technology investors and their money. Venture capital firms and portfolio managers of mutual funds are starting to invest in companies specializing in analyzing healthcare data, they report—with VC funding for healthcare technology up 176 percent this year.
“This trend is yet another example of investors finding new ways to invest in the thriving healthcare industry,” said partner Geoffrey Cockrell of McGuire Woods. These investments are a good way for investors who are wary of the risk in the industry, he said. Traditionally, companies associated with healthcare, such as biotech companies, have business models that centers on the development of a drug, he continued. Unlike those companies, healthcare data is capitalizing on the growth of electronic records.
Indeed, Randall and Farr report that though there can still be just as much risk in these investments as any others, the aging population in the U.S. and Europe—and the transition to digital health records—make it a particularly appealing industry. Categories of investments include: payer administration, digital medical devices, analytics and big data, healthcare consumer engagement, population health management, and personalized medicine, said Cockrell.
Back in May of this year there was a “Global Privacy Enforcement Sweep” conducted in 19 countries that assessed the transparency of 1,211 popular mobile applications. These results were published yesterday and according to a recent post on firm site Hunton & Williams, “a large majority of the apps are accessing personal data without providing adequate information to users.”
Specifically, the new information demonstrated a whopping 85 percent of mobile apps that were surveyed didn’t provide users with clear information on how they collected, processed and disclosed their data. In 59 percent of them it was difficult to find information on privacy before the apps were installed and once it was accessed, 43 percent of privacy notices weren’t tailored to the size of screens, according to the lawyers at Hunton & Williams.
“In light of these results, the data protection authorities that participated in the sweep are likely to launch enforcement actions in their jurisdictions,” say the Huntington & Williams lawyers. Most recently the Belgian data protection authority said they were speaking with stakeholders and getting ready to send cease and desist letters in certain severe cases.
Big Data is all around us. That was the conclusion of the International Working Group on Data Protection in Telecommunications, according to special counsel Monika Kuschewsky of Covington & Burling. Well, not quite, but they said it’s “everywhere” and growing on a global level by 50 percent annually. To harness this data while respecting privacy principles, the working group had recommendations, as set out by Kuschewsky in her article on the Inside Privacy blog:
Meaningful consent: When using personal data for analysis and profiling, meaningful consent is your best move. Though it may be possible to process this data without consent, said Kuschewsky, it’s not without risk.
Anonymity is paramount: “The risk of re-identification has been a theme throughout the Working Paper,” said Kuschewsky. To alleviate this risk, stressing anonymity can sometimes eliminate privacy concerns, she said.
Transparency: When collecting and using data, be transparent about it. Kuschewsky suggested, “Each individual should have access to his or her profile, including information on which algorithms have been used, and information should be provided in a clear and understandable format.”
The report, called “2014 ILTA/InsideLegal Technology Purchasing Survey,” is the ninth annual report from ILTA and InsideLegal. Forshee and Elster sent a 31-question, Web-based survey to 1,407 ILTA-member firms to gather information for the report, of which 281 firms responded.
More than three-quarters (86 percent) of respondents were from U.S. firms, with the remainder from Canada (eight percent) and the U.K., Europe, Australia and South America (for a combined total of six percent). The survey was released on Aug. 18.
Responses were collected from smaller scale firms with less than 50 attorneys, as well as larger firms with more than 50 attorneys. Nearly three-quarters of respondents (70 percent) consisted of C-Level, or “director level executives,” the report noted.
Fifty-four percent (up six percent from 2013) of all surveyed law firms spend between 2-4 percent of their total revenue on technology.
Sixty-two percent of all respondents spend more than $8,000 per attorney on technology.
Forty-nine percent of all respondents said that their technology budgets increased this year from 2013. The number of firms reporting an increase is up six percent from last year.
The top three tech purchases included: laptops and notebooks at 64 percent; desktop hardware and PCs at 63 percent; and network upgrade and servers at 50 percent.
There is a “cooling off” period of Microsoft Corp.'s applications, the report said, as 18 percent of all respondents upgraded their Microsoft Office suites within the past year, as opposed to 39 percent in 2012. SharePoint purchases are also down 14 percent from two years ago, the report noted.
Mobile devices: A majority of firms are purchasing Apple Inc.’s iPhones (63 percent), followed by Android (39 percent) and BlackBerry devices (28 percent).
Tablets: Nearly half (44 percent) of respondents picked iPads, followed by Microsoft Surface (17 percent) and Android devices (10 percent).
Internet research, peer recommendations and consultants are the main influences for legal IT purchasing decisions, the report said.
Unless Congress acts on a major cybersecurity bill this session, the U.S. will face “a major catastrophic event” that takes down an American company or institution in the next 18 months, according to Rep. Michael Rogers, R-Mich., chairman of the U.S. House of Representatives Select Committee on Intelligence.
“Now is the time to act,” Rogers told a high-level conference of government and industry leaders Wednesday in Washington, D.C. “We are getting crushed. We are in a cyberwar, and we are losing.”
He warned that Russia, China, Iran and North Korea “are about a half stroke away” from destroying something like an electric grid. “Cyber will prep our next battlefield,” Rogers warned. “They are developing the capability to wipe us out.”
Rogers said Iran cyberattacked U.S. financial institutions 350 times last year. “We don’t have a sense of urgency on this that we need to have,” he warned. Besides nation states, cyberattacks are increasingly coming from organized criminals, especially in Eastern Europe, the experts said.
The conference brought together members of the Merchant-Financial Services Cybersecurity Partnership, a coalition of 19 associations, including the Financial Roundtable and the Retail Industry Leaders Association.
Most speakers agreed that what is needed is information sharing by the private and public sectors on data breaches and technology strategies. “That’s the guts of this,” admitted Sen. Saxby Chambliss, R-Ga., ranking member of the Senate Select Committee on Intelligence.
So why don’t they just share what they know? Speakers cited various reasons, most dealing with their fears: Fear of competitors taking advantage, fear of liability and lawsuits, fear of loss of privacy for customers and, to a lesser extent, fear of antitrust accusations.
The conference made clear that companies want protection from liability if they are going to disclose breaches more openly and share cyberinformation with the government, other corporations and their customers. And that requirement is one of the snags facing proposed legislation.
Michael Daniel, special assistant to President Barack Obama and cybersecurity coordinator for the White House, pointed out that already there are 47 different state laws mandating some form of disclosure. So a national law that would standardize disclosure should be welcomed.
“The other point is we’re very clear when we talk to companies about sharing information with the government, that we don’t want that to be public, at least not yet,” Daniel said. “We don’t want to give the bad guys a road map.”
One panelist, Joe Demarest, assistant director of the Federal Bureau of Investigation’s Cyber Division, mentioned general counsel a couple of times when speaking about roadblocks to information sharing. And he noted there is often a lack of trust between the private sector and government.
“We collect information, but some people have to work through their general counsel and there is a bit of delay, sometimes hours or days,” Demarest said. “Companies want [information] validated more. We need to get trust.”
He suggested that corporations set up cyber task forces and develop ongoing relationships with the FBI “before we come knocking on your door at 6 p.m. on a Friday evening to tell you about a breach.”
Several speakers made reference to major data breaches, including a massive one at Home Depot Stores Inc. confirmed by the company this week. Assuming the government had shared information about the Target Corp. breach over the holidays with Home Depot, one person wondered how helpful information sharing really is.
The FBI’s Demarest replied, “It’s part of the solution, but only part.” Also vital, he said, are internal policies that hold employees accountable and training on opening emails that may contain malware. “Bad actors are brilliant today,” he added, “so internal controls and training are important.”
Another panelist, Nancy O’Malley, chief payment system integrity officer for MasterCard Inc., spoke of legislation as too slow a process. “The criminal community is moving so quickly,” she noted. “What we’re trying to do is [develop] a payment security task force looking to the future and what we can do to build a safer environment.”
One panelist mentioned Apple Inc.’s introduction Tuesday of “Apple Pay,” a way to pay using iPhones with near-field communication technology. O’Malley said, “Mobile is one of the single most important opportunities to get it right. Now we have a chip that has computing capability for security. Now a mobile secure element is at an unprecedented level in terms of the technology each consumer is carrying in [her] hand.”
Reed Luhtanen, senior director for payments strategy at Wal-Mart Stores Inc., agreed. “You can use a mobile device to create a more secure transaction than a card,” he said. “A merchant never has to see customer private data or numbers. And we need to leverage it for all we can get.”
Wearable tech devices are useful for many things, including tracking fitness goals (a feature David Sedaris recently critiqued in The New Yorker). But just how handy is it when these same devices sell your information to insurance companies, thus upping your premiums based on detailed analysis of your liquor input and fitness output?
As Apple Inc. prepares to debut its long-anticipated "iWatch"Apple Watch wearable this week, Al Sacco brings this issue to the forefront in a recent article in CIO. He says that although no one really reads the privacy policies included with wearables, “the reality is that privacy policies have never been more important,” as they allow companies to collect, and even sell, your information.
To help ease the legalese, Sacco spoke to some experts about how to read these policies and what to look for. Here are his tips:
Look for two main things: Electronic Frontier Foundation staff technologist Jeremy Gillula says users should be on the hunt for two things when reading wearable privacy policies: what specific data is being collected and what the company is doing with it. He says to be particularly cautious of policies stating the company is sharing the information with third parties or partners. “That is usually a red flag,” he notes. “They’re giving the information to other parties. From there, who knows where it goes?”
“Liking” something on Facebook has now been ruled to be a “protected concerted activity”, said Neuberger, and employees (and their preferences) are shielded from negative ramifications. Case in point: employees of a sports bar found out their employer was under-withholding state income taxes, which affected their returns, explained Neuberger.
Employees took to Facebook to complain about these actions, including “liking” posts written by others. Two were terminated for being disloyal to the company, along with defaming it. However, the National Labor Relations Board found this an unfair labor practice, said Neuberger.
“A common mindset is if profanity is used by the employee and directed towards the company, then all bets are off and the employee should be fired,” he said. But in the age of social media it’s a lot more nuanced than that. Like it or not.