The Federal Trade Commission needs "more tools" to deter private sector consumer data breaches, said Jessica Rich, director of the agency's bureau of consumer protection, during a Feb. 3 Senate hearing. The FTC today has authority to bring data-breach related actions only if a company engaged in deceptive or unfair practices, such as by wrongly asserting or implying high levels of data protection.
Basic cybersecurity measures such as patching, anti-virus software updates and password management are insufficient at federal agencies, leaving government networks vulnerable to even non-sophisticated cyber intrusions, finds a Feb. 4 report.
A June 2015 expiration of the Patriot Act section the intelligence community says authorizes the bulk storage of telephony metadata means the Obama administration should act now to propose legislative changes, said Rep. Jim Sensenbrenner (R-Wisc.).
A Commerce Department official say it's rethinking its data infrastructure with an eye to making data seamlessly consumable internally and externally across the many industry sectors encompassed by its bureaus. "Rather than a federated approach to data, the one thing that we're learning is that data has to be done at scale. The real power of data comes from integrating it," said Patrick Gallagher, acting commerce deputy secretary. He spoke Jan. 31 during a meeting of the President's Council of Advisors on Science and Technology.
A public sector cloud computing association says court filings made by Google in its defense against a lawsuit filed over email keyword-targeted advertising show the search engine giant data mining educational users for as targeting purposes.
Nations should form an international agreement that forbids cyber attacks against civil nuclear facilities during peacetime, the EastWest Institute says in a new report.
Transportation Department auditors are now saying the Federal Aviation Administration will "not likely be ready" to mandate by 2020 use of avionics allowing airplane pilots to see in real-time their position and the location of other airplanes. That assessment comes in a Jan. 28 audit (.pdf) that's slightly more pessimistic than a September 2013 preliminary version in which auditors said the FAA "may not be ready."
The National Information Exchange Model is announcing a Unified Modeling Language profile for a previous version of NIEM, the XML schema-based information exchange model used within federal, state and local governments.
Suspending the U.S.-EU Safe Harbor Framework would have major repercussions – not just for trade, but for the nature of the Internet, said Francois Rivasseau, deputy head of the EU Delegation to the United States.
The DoD has signaled its intent to buy a commercial EHR to replace its legacy systems since it and the Veterans Affairs Department canceled in February 2013 (citing cost reasons) an effort that would have resulted in a joint EHR running in both military and veterans medical systems.
More than one-third of respondents in a new survey of governmental information technology professionals experienced a day or more of unplanned downtime in the prior 12 months.
The Joint Information Environment, an effort to upgrade and standardize Defense Department information technology infrastructure and services, still isn't a program of record but it does come under the oversight of the director of operational test and evaluation.
Whether or not the intelligence community's bulk storage of telephony metadata has actually prevented a terrorist attack shouldn't be the only metric by which the program's efficacy should be measured, said Attorney General Eric Holder.
Officials from the United State and the United Kingdom signed a memorandum of understanding Jan. 23 that would allow health data and health information technology to be shared more effectively, and formally commits the governments to collaborating on health technology.
The Justice Department agreed to somewhat loosen restrictions on surveillance reports made public by Internet companies in response to a lawsuit filed by tech giants, including Google, Microsoft and Facebook.
Since the February 2013 cancelation by the VA and Defense Department of a planned joint integrated EHR – the iEHR – the VA has faced the problem of modernizing its legacy EHR, officially known as the Veterans Health Information Systems and Technology Architecture, but referred to daily as VistA. Industry insiders describe VistA Evolution as preparatory work for what may be future procurements of specific EHR modules, such as those for pharmacy prescriptions or lab results.
The Homeland Security Department will update its emergency services sector plan by the end of this year to include the need for security protections for the cyber attack-vulnberable NG9-1-1 and FirstNet national public safety broadband network.
Draft legislation introduced Jan. 27 by Reps. Anna Eshoo (D-Calif.) and Gerry Connolly (D-Va.) would create a central office, within the White House, to review and guide agency information technology projects.
The recommendations go farther than previous proposals. The federal government today expresses cybersecurity requirements for its contractors "in terms of compliance with broadly stated standards and are included in a section of the contract that is not part of the technical description of the product or service," the committee states.