Archive | Records Management RSS feed for this section

Dysfunctional Search and the FBI, any of it sound familiar?

I think dysfunctional search is a great name. Unfortunately, it appears that the FBI wins the prize, but I am sure there are many organizations that also feel that their search is dysfunctional. An article in techdirt, ‘How The FBI’s Dysfunctional Search Systems Keep Information Out Of FOIA Requesters’ Hands’, did provide a chuckle, simply because it is just too late to take the US government seriously anymore.

To try to make this short, Trentadue versus the FBI, deals with a requested release of videotapes containing footage of the Oklahoma City bombing. Somehow during the first four days of testimony it was revealed that the FBI has ‘convenient’ information silos, instead of a cohesive repository for search. The problem is the person requesting the information must specify the correct records system for a comprehensive search to take place. The FBI typically only searches the main repository. In addition, the requester must specify in their request a ‘cross-reference’ check, which may mention the subject, but is not stored in the main repository. Again, the now beleaguered requester, must also send a request to the field offices involved, because the FBI ‘Records Information Dissemination’ has no cross-links to other than the original field office.

What about internal search at the FBI? The Central Records System (CRS), as it turns out, is not really a central repository and will accept three different methods of search, which will return three different sets of documents. One of the search methods, Automated Case Support (ACS) is used to search the CRS, but that search isn’t unified. To make matters worse the ACS is then split into three components. And, I think I’ll stop there as it just gets worse and worse, really it does. Oh, one more tidbit, the FBI decides what keywords to use.

I would imagine, or sincerely hope most organizations do not have a search environment such as the FBI. But enterprises do have silos of information and many have no integrated way to search across multiple repositories either via a software product that crosses repositories or through federated search. This should be a basic function. According to an AIIM study, only 18% of organizations have cross repository search capabilities. Maybe the FBI should provide training lessons.

Does your organization have cross repository search capabilities or federated search?

Comments are closed

Keeping the Problem People Out of the System – Possible?

It’s widely documented that most security breaches are caused by internal staff, either by accident or on purpose. Training can help in the accidents, but what about a disgruntled employee who deliberately causes a data breach? Think it won’t happen to you? Think again.

In an article on ZDNet, ‘After OPM breach, Manning and Snowden are just the beginning’, the author, David Gewirtz commented on the basic problem of people and security, “It is impossible to separate individual decision-making and action from the national security apparatus of any nation. Sure, we can carefully vet individuals, subject them to background checks and psychological tests. We can interview friends and neighbors. We can examine financial records and elicit stories about what they were like in college. We can certainly weed out the obvious problem cases. But we can’t keep all the problem people out of the system.”

Ok, you may say well, that’s the government and the staff can deal with highly secure information that impacts the country. That’s true. According to Mr. Gewirtz, “While some very misguided individuals celebrate Snowden’s actions, I submit that any individual who harms the American economy to the tune of at least 47 billion dollars and costs nearly a million jobs is no hero.” I hardly think that most organizations are in the same position as the government.

But, what if a data breach happened in your organization? Chances are it isn’t going to jeopardize national security – but your organization is in for some hefty fines, potential loss of brand and customers.

How do you protect your organization from the enemy within?

Comments are closed

Ok – doctor or lawyer? I say lawyer and hope I don’t get sick!

I had to at least peek at an article authored by Lucas Mearian, simply because of the title, ‘Lawyers smell blood in electronic medical records‘, published in ComputerWorld. It appears that Electronic Medical Records (EMRs) is becoming a gold mine for lawyers. Unfortunately, bad news for patients. Judgements have reached over $7.5 million in some cases as the information contained in the EMRs could not be trusted.

The next target on the list for legal professionals is technology vendors. Medical malpractice has focused specifically on physicians and hospitals. Lawyers see another opportunity to expand medical malpractice to include the vendors who make the products used. Rather a sad state of affairs. According to Keith Klein, a medical doctor and professor of medicine at the David Geffen School of Medicine at UCLA, “there are attorneys now looking for a clean case to sue the vendor,” he said. “This is reality. It is not theoretical. I was approached by Washington, D.C. law firm who had a very clean case for suing a vendor.”

The issue is people and technology. The technology needs to be simplified and provide safeguards. Healthcare professionals need to be more careful when entering information into complex applications.

To highlight a few mistakes:

  • One recent lawsuit involved a patient who suffered permanent kidney damage when he was given an antibiotic to treat what was thought to be an infection resulting in elevated creatinine levels. The patient was also suffering a uric kidney stone, which precludes the use of the antibiotic. Because of the complexity of the EMR, none of the attending physicians noticed the kidney stone. Detracting from the EMR’s validity was the fact that a date related to a previous intravenous drip was repeated over and over on all 3,000 pages of the record.
  • In another case, the physician was accused of plagiarizing data entered from another healthcare provider because he copied and pasted basic patient information.
  • And the best for last, “We’ve seen 92-year-old women getting diagnosed as crack addicts because of drop down menus.”

The vendors of medical applications better wake up, or they may be next at the mercy of the lawyer’s hatchet. I would also strongly suggest that there is more stringent oversight on health care professionals.

Let’s just hope none of us get sick – or we have an excellent lawyer.

Comments are closed