Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Outsourcing jobs a security risk: US intelligence
Indian Express Newspapers (Bombay) Ltd ^ | March 20, 2004

Posted on 03/20/2004 4:06:30 AM PST by sarcasm

Washington, March 20:With as many as three million software industry jobs poised to move offshore by 2015, the US industry needs to protect itself against potential security risks, including economic espionage, the chairman of the National Intelligence Council has warned.

“While outsourcing of business functions is a growing trend that helps firms cut costs, it also brings potential security risks--particularly when outsourcing involves entities owned and operated abroad,” Robert L. Hitchings, Chairman of the council, which is the US intelligence community's think tank said while addressing the international security management association in Scottsdale.

He said besides outsourcing, writing computer codes aboard and importing hardware entails security risks. “As many as 3 million software industry jobs could move offshore by 2015, with 70 per cent of these jobs moving to India, 20 per cent to the Philippines and 10 per cent to China,” he said. Warning that corporate leaders need to be on guard.

“Corporate leaders need to be on guard and know who their business partners are and what security measures they have in place to protect against loss, whether through unintended leakage of proprietary business information, deliberate thefts of intellectual property, or outright economic espionage," Hitchings said.

While technology now allows companies to have their most sensitive proprietary computer code written overseas, he said the inability of companies to sufficiently vet the personnel involved in these activities can create a “significant vulnerability.”

US openness to foreign trade and investment and its commitment to global information sharing through academic and scientific exchange, Hitchings said unfortunately leave US technologies highly exposed to foreign exploitation. Pointing out that collectors last year employed a wide variety of techniques in their quest to circumvent US restrictions in the acquisition of sensitive manufacturing processes, he said foreigners often through middlemen acquired sensitive US technologies simply by requesting them via e-mail, faxes or telephones.

Globally networked information systems, he said, also present vulnerabilities, and even the simplest computer threats pose real risks for US companies’ business interests and proprietary knowledge.

Information technology, said Hutchings, has become as important to the US economy as oil, and the growing dependency of the US on foreign it "raises concerns for corporate as well as national security." for instance, he said, half of the world's laptops, one quarter of desktop computers, and half of all PC motherboards are now assembled in China. Taiwan is now responsible for about 70 per cent of all semiconductor production for hire--producing chips designed and marketed by others.”

This growing US dependence, said Hutchings, makes US IT firms vulnerable to interruptions of foreign-built critical components, whether intentional or accidental. “Foreign supply disruptions could suspend US firms' deliveries of finished systems within only a few days, as most carry limited inventories.”


TOPICS: News/Current Events
KEYWORDS: nationalsecurity; outsourcing
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-70 next last
To: Grampa Dave
outsourcing ping
21 posted on 03/20/2004 5:37:40 AM PST by Liz
[ Post Reply | Private Reply | To 1 | View Replies]

To: 1rudeboy
Earlier, someone argued that the HIPAA cannot be "violated" overseas . . . I'd like to figure that out before getting into an argument with you.

I understand. But we're getting into a fairly serious question about the competent jurisdiction of the courts. U.S. laws really don't apply outside our borders. For example, there was a student in the Philippines who released a computer virus - you may recall this - and because this was not against the law in the Philippines, the little miscreant was NOT prosecuted.

Now suppose that a doctor contracts with a company out of India to do some things. Suppose further that the offshore company makes many promises, all in writing, that they will comply fully with all applicable laws - and then, they don't. Is the doctor in criminal violation? I wouldn't think so. Is the offshore company? I'm not so sure. Your test appears to be that if a company does business here, they're subject to our laws - but are they? If a German company sells me a widget, are they automatically subject to the entire body of U.S. law? For that, we'd need to really get into recent precedent.

Even if the offshore company is theoretically criminally liable, the practicality of pursuing them seems daunting. Prosecuting our hypothetical doctor might please some (Me!!!) because it would discourage offshoring, but it seems rather unfair.

Civil suits have similar challenges. I'm aware that sometimes foreign citizens seek to sue U.S. companies in the U.S. because our courts tend to award big damage judgments - as for what we could expect from foreign courts, I have my doubts.

Incidentally, if your medical records are stolen, do you think your lawyer will go after the medical-provider, or simply consult you to let the state prosecutor's office handle the case?

But the state office can't do that. HIPAA is a federal law, and as such must be tried in federal court by a federal prosecutor. That's possible, but they're busy people - and I've got my doubts that they're going to prosecute kindly old Dr. Jones just because someone revealed the Neutrino has very small mass.

As for a civil suit, it's hard to get a lawyer interested if the damages are less than $100,000. I know of a case where a child in a hospital was unable to swallow and the chart specified that all food had to be pureed. The kid was fed a piece of meat the size of a cigarette package, choked, and died. The jury awarded...nothing. So I doubt I'd get to cash out on that one.

22 posted on 03/20/2004 5:40:14 AM PST by neutrino (Oderint dum metuant: Let them hate us, so long as they fear us.)
[ Post Reply | Private Reply | To 18 | View Replies]

To: 1rudeboy
Here you go, for starters:

http://privacy.med.miami.edu/glossary/xd_business_associate.htm

DHHS has taken the position that covered entities are not liable for the privacy violations of business associates. However, if a covered entity becomes aware of a pattern of activity or practice by a business associate that constitutes a material breach, it must:

take reasonable steps to remedy the situation;

if such steps are not successful, terminate the contract or arrangement;

or if termination is not feasible, report the problem to DHHS.

Notwithstanding these provisions, failure to execute a business associate contract with "satisfactory assurances," or to take these corrective actions when the assurances are not met, could result in liability.
23 posted on 03/20/2004 5:42:09 AM PST by angkor
[ Post Reply | Private Reply | To 19 | View Replies]

To: neutrino; 1rudeboy
But we're getting into a fairly serious question about the competent jurisdiction of the courts. U.S. laws really don't apply outside our borders

You guys need to use topics other than health care outsourcing to cover this issue. Don't know what you're missing, but third party Business Associates (outsourcers) are specifically excluded from privacy liability under HIPAA, whether they're in Des Moines or in Bangalore. With an emphasis on "specifically excluded."

24 posted on 03/20/2004 5:49:33 AM PST by angkor
[ Post Reply | Private Reply | To 22 | View Replies]

To: angkor
Thanks. I didn't think it would jibe with your ". . . whenever customer data goes offshore, it's by statute no longer subject to the privacy and security laws of the United States, e.g., HIPAA regs no longer apply."
25 posted on 03/20/2004 5:51:35 AM PST by 1rudeboy
[ Post Reply | Private Reply | To 23 | View Replies]

To: 1rudeboy; neutrino
http://privacy.med.miami.edu/faq/xf_biz_assoc_passthrough.htm
26 posted on 03/20/2004 5:53:08 AM PST by angkor
[ Post Reply | Private Reply | To 25 | View Replies]

To: sarcasm; Grampa Dave
We must mention on outsourcing threads that Dumbocrats are making this a campaign issue, trying to place the blame on GWB.

In point of fact, we need to be naming names......Dim CEO's who outsource......then donate bigtime to John Kerry with their profits.

I see another Kerry inconsistency here.

You also won't hear Kerry mention Heinz's massive outsourcing of American jobs (listed on their web site).

No problem. We'll do do it for him.

27 posted on 03/20/2004 5:59:34 AM PST by Liz
[ Post Reply | Private Reply | To 1 | View Replies]

To: 1rudeboy
Thanks. I didn't think it would jibe with your...

Not sure whether you're sentence parsing or what.

When health care data goes offshore it's by definition "outsourcing", yes? In HIPAA language that would be "Protected Health Information is sent to an [offshore] Business Associate by a Covered Entity."

And under HIPAA regs, that scenario is specifically excluded from HIPAA protection, as I've been repeatedly posting.

28 posted on 03/20/2004 6:00:07 AM PST by angkor
[ Post Reply | Private Reply | To 25 | View Replies]

To: angkor
Thanks for the info!
29 posted on 03/20/2004 6:00:36 AM PST by neutrino (Oderint dum metuant: Let them hate us, so long as they fear us.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: A. Pole
Corporate America is becoming The Enemy Within.
30 posted on 03/20/2004 6:01:58 AM PST by Clintonfatigued
[ Post Reply | Private Reply | To 14 | View Replies]

To: angkor
Not sure whether you're sentence parsing or what.

Actually, yes I am. My reading of the regulation is that the Business Associate must comply with the regulation, and the Covered Entity is not liable for a BA's violation provided there is no negligence by the CE.

31 posted on 03/20/2004 6:10:55 AM PST by 1rudeboy
[ Post Reply | Private Reply | To 28 | View Replies]

To: A. Pole
Yeah, this is not the Kerry slam dunk that we are being led to believe that it is, IMO. I think that the Dems have more cards up their sleeves than a riverboat card sharp.

I have no problem with Bush fighting Kerry right now, but I hope he goes easy with the cash until after the conventions. His campaign war chest scares the Dems right now and they would love to trick him into spending as much of it as they can on Kerry before the convention and pulling a surprise.
32 posted on 03/20/2004 6:15:22 AM PST by DustyMoment (Repeal CFR NOW!!)
[ Post Reply | Private Reply | To 14 | View Replies]

To: sarcasm
But then you're making the assumption that we still have old fashioned National Security...

I see it as the general public being light years behind this modern globalsim...The groundwork was laid decades ago when the Americans who heard about globalism were afraid to talk about it in public...It was bad then, it's bad now...

Our gov't leaders have been trading/selling our secrets for some time now...We don't have much left in the way of National Security...The US has become a Nation/State of the World...Someone will probably be in charge of this New World Order...I assume the US gov't figures it will be them...

But I'm thinking it ought to be clear to anyone who looks, we as a people and a nation, mean little more to our "leaders" than the people and nation of India, or China or Burma...

33 posted on 03/20/2004 6:24:10 AM PST by Iscool
[ Post Reply | Private Reply | To 1 | View Replies]

To: A. Pole
we will invent new technologies faster than they can steal.

Har!

Those technologies will be developed elsewhere. IT is a tough field, why bust your butt getting the degrees, certs, etc. if the jobs are going elsewhere.

My advice to the kids asking me about an IT career: don't. Go into auto body repair, HVAC, etc., open your own shop, be your own person and employee a few people.

34 posted on 03/20/2004 6:41:26 AM PST by banjo joe
[ Post Reply | Private Reply | To 14 | View Replies]

To: 1rudeboy
From what I've read in the HR newsletters, attorneys are issuing rather strong warnings to 'covered entities' AND to their customers (Company XYZ) that the agreements with overseas processors must be VERY tight on security arrangements, with accountability for consequences built into the contracts.

It is an area of concern, so much so that the activity (outsourcing) may abate.
35 posted on 03/20/2004 6:47:42 AM PST by ninenot (Minister of Membership, TomasTorquemadaGentlemen'sClub)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Ohioan
ping
36 posted on 03/20/2004 6:49:22 AM PST by B4Ranch (Most men and nations die, lying down.)
[ Post Reply | Private Reply | To 34 | View Replies]

To: 1rudeboy
You've identified the problem. Most likely the only recovery available to an aggrieved US citizen whose records were compromised is a big fat PI-led damage suit.

THAT'S why the warnings are out there. Beyond that, it's likely (think Alabama) that a damage suit will prevail, leaving the Covered Entity to recover from its Indian subcontractor.
37 posted on 03/20/2004 6:50:46 AM PST by ninenot (Minister of Membership, TomasTorquemadaGentlemen'sClub)
[ Post Reply | Private Reply | To 18 | View Replies]

To: A. Pole
No problem. We are so creative that we will invent new technologies faster than they can steal. No need to cry over buggy whips.

Ameica's power, wealth and security has finally been put on the line, and we are losing it all. Between having to take care of millions of illegals, and seeing good jobs destroyed by foreign workers, Americans don't have a chance.

Equal time: Kerry's spouse has outsourced 35 of her companies to other countries. Wonder if the Democrat Unions know this?

38 posted on 03/20/2004 6:54:29 AM PST by swampfox98 (Beyond 2004 - Chaos! 200 million illegals waiting in the wings)
[ Post Reply | Private Reply | To 14 | View Replies]

To: A. Pole
No problem. We are so creative that we will invent new technologies faster than they can steal. No need to cry over buggy whips.

Assuming that you're not being sarcastic, I guess that means that intellectual protection is unnecessary, except perhaps only for Americans against other Americans. A lack of intellectual protection discourages creativity and trade, which is ultimately why they exist--to benefit the public welfare.

39 posted on 03/20/2004 7:17:27 AM PST by kezekiel
[ Post Reply | Private Reply | To 14 | View Replies]

To: angkor
She insisted I'd made an error in validating my account info (I hadn't) but refused to tell me what the problem was,

That's more of a clueless bank problem. What gets me about offshoring is that companies are doing it with things that they never really did well, ie customer service.

What do they think is going to happen when they send something that they had problems with 3000 miles away? Its going to magically get better? No, it gets worse.
40 posted on 03/20/2004 8:22:16 AM PST by lelio
[ Post Reply | Private Reply | To 4 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-70 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson