StratVantage News Summary

Speaking engagements

The TrendSpot

Internet News





Enterprise Architecture Resources




P2P Companies


Wireless Resources


Job Seeking Resources

XML Standards

Security Information

Online Newsletters

B2B Ecommerce Resources



Marketing Information

Search StratVantage

Search the Web

Be on the wave or under it™

The News – 07/23/02

In this Issue:

Recommended Reading

I realize this is the only newsletter you’ll ever need, but if you want more in-depth detail, check out:

Stan Hustad’s
The Coaching Connection

Management Signature's
The Express Read

Why You Need to Get Hip to HIPAA

The Health Information Portability and Accountability Act of 1996 (HIPAA) is a broad-based piece of legislation that addresses many aspects of health care and health insurance. It is tempting for companies not directly involved in health care to dismiss HIPAA as not being relevant to their businesses. This could be a significant mistake. There are two areas that HIPAA will affect all businesses.

The first involves the fact that HIPAA, along with another piece of legislation, the Gramm-Leach-Bliley Act (GLB), will set a practical and, more importantly, a legal standard for best-demonstrated security practices. The second impact of HIPAA will be in creating new software and standards for the secure exchange of information. First, let’s take a look at HIPAA’s effect on best-demonstrated practices. We’ll look at the second effect in the next SNS.

Because it codifies in law a set of security, privacy, and confidentiality standards, HIPAA will create de facto standards for all organizations. Until the advent of HIPAA (and GLB in banking), when a network intrusion case went before a judge and jury, there wasn’t a single body of law to refer to in assessing whether a company’s security practice was consistent with industry standards.

Prosecutors who were trying hackers often had to assert that a company provided adequate defense against a hack attack by calling expert witnesses who gave their opinions. Obviously this left the matter open to interpretation, to the point that even the inclusion of the word “Welcome” on a logon screen became a defense against an intrusion – after all, you welcomed people into your network!

Now there’s a standard, in black and white legislation, for best-demonstrated security practices, and Matthew Yarbrough, who heads the cyberlaw practice in Fish & Richardson’s Dallas office, thinks any savvy defense attorney will leverage this fact.

All the attorney needs to do is to take a company’s chief security officer through a checklist of HIPAA requirements, asking, “Did your company do this? How about this?” HIPAA becomes a blueprint to attack the idea that a plaintiff company provided a sufficient defense against intrusion. If the company didn’t pass the HIPAA checklist test, it could easily lose the case because its security practices weren’t adequate.

And let's not even think of the possibility of shareholder lawsuits!

Of course, HIPAA deals with privacy and confidentiality as well, and companies would be additionally vulnerable in those areas. “For proof of that,” Yarbrough says, “you can turn to the case of Kaiser Permanente. In August of 2000, the mammoth health insurer accidentally sent 19 of its members e-mails meant for other patients. Included in the snafu were routine matters and one member’s question about a sexually transmitted disease. A year later, it was Eli Lilly’s turn. The pharmaceutical giant sent an e-mail to about 600 users of its medications for depression, bulimia and obsessive compulsive disorder. The problem? The e-mail listed all the recipients in the ‘Cc:’ line, allowing everyone to see a list including everyone else’s name.”

The Federal Trade Commission settled the Lilly case in January without penalties because the disclosure was inadvertent. However, in a post-HIPAA world, such email gaffes may be punishable crimes.

So, yes, you need to worry about HIPAA, even if you don’t directly deal with the health care industry. Yarbrough says, “If your business does business with a doctor, hospital or other health care organization, HIPAA may apply to you. If your business administers its own health plan, the law applies to you too. In fact, because courts may look upon it as a benchmark for computer privacy and security, it may apply to everyone.”

We’ll take a look at the second general effect of HIPAA, the availability of new software and standards for the secure exchange of information, in the next SNS.

Briefly Noted

  • Shameless Self-Promotion Dept.: Finally I’ve put up the Nanotechnology Resources directory I promised last November.

    Also, check out the article I wrote for the Taylor Harkins newsletter entitled, Do you hate your customers? It continues the theme from my earlier article, analyzing the media industry’s response to file sharing.

    Finally, and at long last, the CTOMentor wireless white paper, You Can Take It with You: Business Applications of Personal Wireless Devices, is available at ITPapers.

  • Love the Name: No, it’s not a hairstyle supervisory shop. Chicago-area firm Gray Hair Management provides a two to four-member advisory board selected from more than 500 senior executives to help companies with their business problems. No reason for the plug; I just love the name.
    Gray Hair Management

  • The Threat of Spyware: Spyware started out as a way for file sharing systems like Kazaa to track ad viewings within their software. Without informing its users, software containing spyware reported back to the company information on what ads the user saw, and possibly more, such as information used to access password-protected sites. The spyware also was able to download executable programs (one called EXPLORER.EXE, the same name as a Windows system component) and install them without the user knowing. Nowadays, pretty much all of the popular music file sharing services use spyware. Thus, spyware constitutes a security breach on business networks.

    Business owners should make sure they have a company policy against the installation of these file-sharing programs. It’s also a very good idea to install a firewall, such as ZoneAlarm, on each PC that will notify the user if any new programs try to access the Internet. Another good solution is to use programs such as PestPatrol and LeakTest that can help identify and eliminate spyware programs.
  • VoWLAN Apparently Patented: From the apparently-never-ending Stupid Patent Department comes an item from Symbol, a maker of mobile data transaction systems. The company has been granted a patent for handling voice over wireless LANs (WLANs) using Internet Protocol. Never mind the patent that Motorola just received for VoIP (Voice over Internet Protocol). I’m not a wireless tech, but Symbol’s patent looks like fairly obvious technology.  

  • Windy City – Connected City: Chicago ranked first in a National Science Foundation study that counted the number of connections to and from each city through 41 net backbones. The shocker: San Francisco came in sixth. The other cities in order:

    • Washington, DC
    • Dallas
    • Atlanta
    • New York
    • San Francisco
    • Los Angeles
    • Denver
    • Seattle
    • Houston
  • The Email Overload: C2C Systems says some global organizations send and receive up to 4 or 5 million emails a day, which can lead to many management problems, including uncontrolled storage of offensive emails, mailbox attachment bloat, and inappropriate mailbox and folder permissions. Oddly enough, 10-year-old UK company C2C helps customers develop plans for legal and security compliance and capacity management for email systems. They offer a free booklet, Taming the e-mail monster.
    C2C Email Workbook

  • Roam Where You Want To: Several manufacturers have made recent moves to create multiple-mode wireless network cards. Envara has designed a single chip that will support 802.11a, b (Wi-Fi), and the still-in-development g. The chip won’t be available commercially until sometime next year. Nokia and GTran Wireless both have developed a laptop modem that can access 802.11b networks as well as cell phone data networks. The GTran DotSurfer 5000 works on Wi-Fi and the so-called 3G standard, CDMA2000 1XRTT, networks (offered by Sprint and Verizon). Most major wireless network owners, including Verizon, Cingular, AT&T Wireless and Sprint PCS, say they intend to add 802.11b to their cell networks, moving to preempt the competitive threat offered by free or cheap Wi-Fi nets. In one of the earliest moves, VoiceStream Wireless bought MobileStar, which sells wireless Internet access in Starbucks cafes.

    A possible wild card in this mix is tiny startup EtherLinx, whose Smart Spectrum™ technology claims to extend the reach of Wi-Fi from 300 feet to up to 50 miles. The company combines software, firmware, and data networking algorithms to achieve this astonishing range. They have been running a small, for-pay trial in Oakland, California, for the past year. And the best part? No truck roll for installation.
    ZDNet   ZDNet

  • Wireless Users Will Upgrade: Alert SNS Reader Dean Cowdery sent along an item from the wonderfully named Darwin Magazine. It says that 31 percent of US wireless phone users are looking to upgrade in the coming year. More than half (52 percent) are looking to access to the Internet, while 64 percent want to send and receive e-mail. The largest percentage (80 percent) says address book applications are a priority. All these stats are fine, but the puzzling one is this: Of those looking to upgrade, only 18 percent say they plan to do it for better handset functionality. What? They don’t like the color or something?
    Darwin Magazine

The Wayback Machine – A Year Ago in SNS

The lead article in the July 23, 2001 edition of SNS was Broadband a Broad Yawn?a consideration of the state of the hype about broadband. Broadband was going to really take off in 2002, according to the prevailing thinking. WildBlue, a nascent satellite broadband provider, was to start offering 3Mbps bi-directional service (400Kbps upstream) in 2002. Guess what? They’re now targeting 2003.

The Halostar Network from Angel Technologies and Raytheon planned to offer 52Mbps via HALO-Proteus aircraft that would fly fixed patterns in the stratosphere (51,000 feet and higher) over major cities. The Angel Web site appears to be mostly unchanged in the last year, and perhaps longer, plus there has been no press coverage. The main change in the site is the offering of commemorative stock certificates. Doesn’t sound good.

Sky Station, led by Alexander “I’m in charge” Haig, planned to use a blimp which can be maneuvered on a guided path or held geostationary in the stratosphere at 68,000 feet to deliver speeds of up to 2Mbps uplink and 10Mbps downlink. Instead of starting service in 2002 as planned a year ago, they’re now targeting 2004.

The article quoted Peter Jarich, an analyst at The Strategis Group. Jarich said, presciently, “I don't know if any of these companies [offering broadband from aircraft] will ever roll out services. From just a general market standpoint, there's not a compelling argument for it.”

Also in that edition was the article, Stupid Email Tricks, about some terrific email blunders committed by folks either without a clue, or with an itchy finger on the Send button. Web site from the UK compiled the list, and selected the top three entries. They apparently haven’t added any more in the last year, however.

The article Microsoft Won’t Imbed Java in XP speculated on the reasons for the move. Windows XP did not ship with Java support, although Microsoft did make available a downloadable Java VM. Here’s a good analysis of the problem, pointed out by Alert SNS Reader Larry Kuhn.

Finally, the article First US GPRS Phone and Service Released was about AT&T Wireless’s rollout in Seattle of GPRS (General Packet Radio Service), a 2.5G transitional standard that will eventually be superseded by 3G equipment. The article predicted, cheekily, that full rollout would probably be in 2002. Well, AT&T’s GPRS service, known as mMode, is available in 20 states and a joint effort with Cingular should improve coverage as well. This time, the future really was a year away.

Just the Right Stuff™

If you subscribed to CTOMentor’s Just the Right Stuff™ newsletter, over the past few months, you’d have received news nuggets like the following, along with expanded analysis. Your personalized Information Needs Profile would determine which of these items you’d receive. For more information, check out CTOMentor.

  • Palm i705 Debuts
    Palm's new i705 provides always-on access to corporate e-mail and blinks, beeps, or vibrates when a new e-mail arrives.

  • A Single Chip with Phone, GPS, Bluetooth
    Ashvattha Semiconductor is readying a single chip that combines the radio sides of GSM and GPRS mobile phone standards, a GPS satellite navigation system and a Bluetooth personal area network. The chip should reduce around $28 off the parts cost adding the function to a device. The company is also considering adding 802.11a/b and other wireless functionality next year after high volume production of the triple chip begins.

  • Increased Corporate Use of Wireless Data Forecast
    In-Stat/MDR projects the number of business wireless data users to grow from 6.6 million at the end of 2001, to more than 39 million in 2006. The business segment (including SOHO, small, medium and large companies) is currently, and will remain, the largest group of wireless data services users. This increase in business subscribers will improve US to wireless data carriers service revenues from $4 billion in year-end 2001, to more than $16 billion by year-end 2006.

Get this Stuff as it happens, not months later. Subscribe to CTOMentor today. Charter subscription discounts still available.

Return to Mike’s Take

Copyright © 2000-2008, StratVantage Consulting, LLC. All rights reserved.
Please send all comments to  .

Announcing Linked InSolutions, a New Social Media Consulting and Training Service from StratVantage

  • Each Power Workshop session is limited to 25 attendees to enable personal attention

Classroom rate: $125
Webinar rate: $65

House for Sale


Looking to light up your office, your business, or your city?

The WiMAX Guys can help you easily provide secure wireless Internet to your customers.

The WiMAX Guys specialize in designing and running wireless networks. We're experienced, we're quick, and we won't cost you an arm and a leg. Give us a call today provide your users a wireless Internet experience tomorrow.

Call Mike Ellsworth
Head Guy

Alert SNS Reader Hall of Fame

About The Author

Announcing CTOMentor, a New Service from StratVantage

Can’t Get Enough of ME?

In the unlikely event that you want more of my opinions, I’ve started a Weblog. It’s the fashionable thing for pundits to do, and I’m doing it too. A Weblog is a datestamped collection of somewhat random thoughts and ideas assembled on a Web page. If you’d like to subject the world to your thoughts, as I do, you can create your own Weblog. You need to have a Web site that allows you FTP access, and the free software from This allows you to right click on a Web page and append your pithy thoughts to your Weblog.

I’ve dubbed my Weblog entries “Stratlets”, and they are available at Let me know what you think.

Also check out the TrendSpot for ranking of the latest emerging trends.

In Memoriam

Gerald M. Ellsworth

March 14, 1928 - July 5, 2003

In Memoriam

Jane C. Ellsworth

July 20, 1928 - July 20, 2003