MiCTA Alert - Fall 2003

Fall Copy Paper Special

8.5 x 11, 20 lb White, 84 Brightness

$19.99 Per Carton

10 Reams Per Carton

500 Sheets Per Ream

To Order Contact:

Kristen Velez @ 800-578-9675 ext 5884

No quantity limit

Offer Available on first supply order placed on a

new Office Depot BSD Account only!

Gateway Special

GW Quote #: 0908029
Gateway 960
System Quote

Recommending Health-Related Web Sites
by Bernard J. Kerr, Jr., Ed.D, MHA, Associate Professor
Central Michigan University , Doctor of Health Administration Program

When coworkers, family and friends discover you have some working knowledge of the World Wide Web, a common question is “What's a good ‘www' for this or that?” Given that the quest for health and medical information is one of the most common uses of the Internet, it is likely you may be asked about health-related web sites. Studies conducted as part of the Pew Research Center's Internet and American Life Project reveal that 80% of adult Internet users, or about 93 million Americans, have searched for at least one of 16 major health topics online. This makes the act of looking for health or medical information one of the most popular activities online, after email (93%) and researching a product or service before buying it (83%)1. Recommending a web site is a bit like recommending a movie or a book in that the response hinges, in part, on what the person soliciting your opinion is seeking.

Often, we might recommend a movie based on an expression of a preferred genre, such as drama, action-adventure or comedy. Or we might suggest a book based on our knowledge of an author, possibly Stephen King or Tom Clancy. Sometimes we recommend a movie or a book based on reviews found in the print media, on television or on the Internet. No matter how we arrive at a recommendation, we are suggesting a modest investment of time and money for a source of entertainment. Even if the movie or book we suggest proves a disappointment, the consequences are benign. Recommending health-related web sites presents a somewhat greater challenge for a number of reasons. First, you are not recommending a form of entertainment. You are suggesting a source of information that the user is likely to employ in making choices and decisions regarding health care. Second, you may have little knowledge of why the inquiring party wants to know more about a particular health or medical issue. An emerging symptom, a recent diagnosis or simple curiosity emanating from something they read, saw or heard may motivate them. No matter what their motivation, providing good guidance is important, as it is likely to be followed. Third, there is something of an expectation that the web site you suggest be a quality, reliable source. One solution is not to make health-related web site recommendations. While this is an option, it does not represent the reply a friend, relative or coworker had hoped to hear. A better solution would be to recommend health-related web sites that have been reviewed and recommended through some formal, structured evaluation process. One such process is the Utilization Review Accreditation Commission (URAC) Health Web Site Accreditation Program2.Web sites that receive the URAC Health Web Site Accreditation Seal have been thoroughly evaluated against more than 50 URAC standards to ensure that they deliver quality health content and services. URAC's application process provides a third-party verification mechanism for compliance to facilitate the site maintaining its quality services over time. Examples of URAC accredited web sites include: - WebMD ( http://my.webmd.com ) - healthAtoZ, ( http://www.healthatoz.com/ ) - AdvancePCS Health & Wellness Channel, ( http://www.buildingbetterhealth.com ) - Kid's Health Portal ( http://www.kidshealth.org/kid/ ). Indeed, there are many excellent health-related web sites that have not undergone a formal evaluation and/or accreditation process. Therefore, when seeking and/or recommending such sites, the seven criteria developed by the Health Summit Working Group, convened by the Health Information Technology Institute of Mitretek Systems3, should be helpful. The criteria are as follows: In July 1999, USA Today published a special, four-page cover story entitled “How the Internet is Changing Medicine.” The story noted: "In ever-growing numbers, patients clutching Internet printouts are marching into doctors' offices nationwide, sometimes knowing more about their disease and ways to treat it than their physicians."4 Given the substantial growth of health-related Internet content over the last four years, the parade of patients armed with Internet information must be quite a spectacle—and quite a challenge for today's health professionals. Hopefully, these patients and/or their family members are armed with quality, accurate information and the health professionals react favorably to the changing dynamic of caring for an Internet-informed population. Certainly, care should be taken in seeking and recommending health-related web sites, given the importance and potential consequences of the information provided and how it is used in the health care decision-making process. 1-Pew Research Center , Internet Health Resources, July 16, 2003 , http://www.pewinternet.org/reports/toc.asp?Report=95 2-URAC Health Web Site Accreditation Program, http://webapps.urac.org/websiteaccreditation/default.htm 3-Health Summit Working Group, Criteria for Assessing the Quality of Health Information on the Internet - Policy Paper, http://hitiweb.mitretek.org/docs/policy.html . 4-How the Internet is Changing Medicine, USA Today , July 15, 1999 .

Securing Digital Documents

From the National Center for Manufacturing Sciences

Organizations are increasingly replacing their paper documents and forms with electronic versions for critical business transactions and communications. It is common practice to place purchase orders, file government reports, or distribute financial statements via the Web or e-mail.

Further, regulatory, legislative and standards bodies recognize the new business practices and the need for persistent document protection. The Sarbanes-Oxley Act, SEC requirements, Gramm Leach Bliley Act, HIPAA, and the new ISO17999 standard contain demands satisfied by persistent document protection.

This growing shift from paper to digital documents has raised new security concerns around these documents and the information they contain. How can you be sure that a document came from the person who supposedly sent it? How will you know if someone has changed the content without informing you? How can you prevent sensitive information from being distributed to unauthorized parties?

Without the proper precautions, organizations face serious risks to their financial performance, intellectual property, customer privacy, and more. With new tools, it is possible to create a security-enhanced environment that limits the number of possible avenues of attack.

Security is applied to digital documents to protect their authenticity, integrity, and confidentiality. There are two principal tools used to implement this protection: identity systems and document control.

Identity systems enable authors to authenticate the origin of documents they create. Document recipients can use identity systems to approve documents. Digital signatures are gaining ground as an identity system. Digital signature implementations often also provide ‘tamper-resistance' that preserves the integrity of the content.

Document control applies access controls and permissions, so that only authorized people will be able to view, modify, or even print your documents.

Every form of digital document control is accomplished through establishing identity and granting permissions through a trusted authority that is usually the point of origin.

Identity – Permissions – Trusted Authority: important words. These concepts are at the root of many IMIA features and NCMS collaborative projects. There are a myriad of schemes for identity: tokens, biometrics, digital certificates, passwords and combinations of these, just to mention a few. There may be more than one trusted authority involved if your organization (a trusted authority) needs to distinguish an individual or organization from another individual or organization.

However, limiting access at the point of origin, for example, by placing files behind firewalls and granting access to those (perhaps encrypted) files to authorized individuals doesn't prevent authorized users or recipients from subsequently redistributing or copying the documents once they have left the originator's site, or after they have been decrypted on delivery.

Another approach is to encrypt the document and use a proprietary viewer to tie the decryption key to a particular computer. This means that the document can be used only on one computer and will be lost when that system is upgraded or fails.

A third approach is to make the document unchangeable, as in Adobe .pdf files. Sometimes this is just the right answer. As well, sometimes these systems inhibit rather than enable the business process.

There is a need to protect the digital document in a persistent way and to enforce your permissions. Also, it would be useful to be able to ‘change your mind' and revoke permissions previously granted.

Of course, this rights-managed content collaboration would work best if we all used the same hardware and software.

Lower cost digital document control systems aimed at general industry and business are coming to the marketplace now. Adobe and Microsoft have two of the prominent offerings:

Adobe's Sealed Media approach separates rights from content. It seals conventional files within a layer of encryption and digital signatures. It keeps the rights in the possession of the originator on a networked license server. There are also provisions for offline use and free downloadable plug-ins, as you might expect. Since the rights are separate from the content, it is possible to associate more than one set of rights with the same document, and to associate more than one document with the same set of rights. This scheme also permits the owner to revoke rights. (This is not an Adobe ad. You can find more detail in the Resources Page.)

Microsoft is testing Information Rights Management ( IRM ) as a feature of Microsoft Office 2003. It enhances collaboration and restricts unauthorized access to the content of Microsoft Office Word 2003, Excel 2003, PowerPoint 2003, and Outlook 2003 files. IRM also links to Microsoft's workflow, directory service, server, and identity products.

IRM is a persistent file-level technology from Microsoft that allows the user to specify permission for who can access and use documents or e-mail messages, and it helps to prevent sensitive information from being printed, forwarded, or copied by unauthorized individuals. Once permission for a document or message has been restricted with this technology, the usage restrictions travel with the document or e-mail message as part of the contents of the file. As a complement to the approach above there is an option to ‘require a connection' to verify a user's permission.

Conclusion:

Securing digital documents helps enable the enforcement of existing corporate policies regarding document confidentiality, workflow, and e-mail retention. It also reduces the risk of having key company information in the hands of the wrong people, whether by accident, thoughtlessness, or through malicious intent.

The marketplace will soon test the pros and cons of these new general business capabilities, each with a different approach. The opportunity for the end user is a solution with high value for cost; perhaps first in environments where regulation creates demand to do something. Now you can be prepared for the change.

This article from the National Center for Manufacturing Sciences is provided as a service of the MiCTA-InfoCore-NCMS Partnership in Education for MiCTA members. For more information about other information security topics available via the web, visit the website for MiCTA members at http://micta.ncms.org

FCC Delays Effective Date of Fax Rules – ACUTA Update

This is an important update to the ACUTA Alert that was sent to the ACUTA membership on August 15.

Responding to petitions from many organizations, the FCC acted Monday to delay the effective date of key provisions of its new do-not-fax rules until January 1, 2005 .

The decision effectively delays until January 1, 2005 implementation of the following two provisions that are most relevant to ACUTA institutional and corporate affiliate members:

1) The determination that an established business relationship will no longer be sufficient to show that an individual or business has given express permission to receive unsolicited facsimile advertisements; and

2) The requirement that the sender of a facsimile advertisement first obtain the recipient's express permission in writing. 

Therefore, until the amended rule becomes effective on January 1, 2005 , an established business relationship will continue to be sufficient to show that an individual or business has given express permission to receive facsimile advertisements. 

The FCC emphasized in its Order on Reconsideration adopted on Monday, August 18 that the effective date of its amended definition of an “established business relationship” is not affected by the delay.   That definition is:

“The term established business relationship means a prior or existing relationship formed by a voluntary two-way communication between a person or entity and a residential subscriber with or without an exchange of consideration, on the basis of the subscriber's purchase or transaction with the entity within the eighteen (18) months immediately preceding the date of the telephone call or on the basis of the subscriber's inquiry or application regarding products or services offered by the entity within the three months immediately preceding the date of the call, which relationship has not been previously terminated by either party.”

For the full text of the FCC's August 18 Order on Reconsideration, go to http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-03-208A1.doc .

For the full text of the FCC's initial Report and Order on this matter that was released July 3, go to http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-03-153A1.doc .

ACUTA is planning an audio seminar in late September on the issue of Do Not Call and Do Not Fax laws and regulations.  ACUTA members should watch your e-mail for further announcements.

ACUTA will also continue to work with the FCC and other organizations to provide input to minimize the impact of this new rule on our members.

Legislative/Regulatory Affairs Committee

Partners Alliance Group Changes Name

Partners Alliance Group , an approved MiCTA vendor, announces a new name: Wireless Frontier Internet, Inc. Should MiCTA members have any questions, please feel free to contact Tracy Alexander, Director of Telecommunications at 866 336 2857.

As an approved MiCTA vendor, Wireless Frontier Internet, Inc. will continue to support the MiCTA membership by providing dedicated voice, switched voice, data and IP services. In a cooperative marketing effort with VarTEC Telecom Inc., Wireless Frontier Internet Inc. is excited about the ability to offer new products at extremely competitive rates. Spokesperson Tracy Alexander for Wireless said, “Being able to offer great services with competitive pricing will provide a huge benefit for MiCTA members. Visit the website at www.wirelessfrontier.net .

Coffman Electrical Equipment Company- Brand New Website

Coffman Electrical Equipment Co., an approved MiCTA vendor has a brand new website. Coffman provides a broad range of power conditioning equipment to protect your sensitive IT and Telecommunications equipment, including the top brands of Uninterruptible Power Supply Systems (UPS), Transient Voltage Surge Suppression (TVSS), and many other fine energy management products.

Coffman has been in business for more than 55 years and provides generators ranging from 1,000 to 200,000 Watts, as well as a wealth of experience in addressing most electrical energy management issues.

The new website www.steadypower.com , has a special section dedicated to MiCTA members and many of Coffman's products can be purchased directly from the site. Special MiCTA pricing is discounted significantly.

Coffman can be reached at 1 (800) 852-7699.

MiCTA Partners

Endorsed Vendors:
AT&T
Avaya
Desire2Learn
Gateway Companies, Inc.
Innovative Communications, Inc.
Merit
Qwest
Sprint

Approved Vendors:
AT&T
Brodart
Coffman Electrical Equipment Company
Focal Communications
Innovative Communications, Inc.
Innovative Technologies Group
KMC Telecom
MCI
Office Depot / Tech Depot
Omni Tech Corp.
Partner's Alliance Group
PC MallGov Inc.
Qwest
Sprint
Sprint PCS
Stratacache
Technology Distribution Network, Inc.
WebCT

Alliance Vendors:
American Megacom, Inc.
Anixter
Beacon Group
Capitol Communications
CMC Telecom, Inc.
DA Plus, Inc.
Digby 4 Group Inc.
Infocore Inc.
New Visions Network, LLC
ProAudio Production
Total Solutions Group

Welcome New Members

City of Concord
Chardon State College
Colin Powell Academy
Invent Tomorrow Education Consortium
Lewis Cass ISD
Portland State University
Rhode Island Airport Corporation
Riverview Church
St. Mary's Medical Plaza
State of Georgia , Dept. of Education
US Open d-Learning Consortium

Committees

PREVIOUS MICTA ALERTS

• June 2003

• May 2003

• April 2003