Posted on 03/20/2004 4:06:30 AM PST by sarcasm
Washington, March 20:With as many as three million software industry jobs poised to move offshore by 2015, the US industry needs to protect itself against potential security risks, including economic espionage, the chairman of the National Intelligence Council has warned.
While outsourcing of business functions is a growing trend that helps firms cut costs, it also brings potential security risks--particularly when outsourcing involves entities owned and operated abroad, Robert L. Hitchings, Chairman of the council, which is the US intelligence community's think tank said while addressing the international security management association in Scottsdale.
He said besides outsourcing, writing computer codes aboard and importing hardware entails security risks. As many as 3 million software industry jobs could move offshore by 2015, with 70 per cent of these jobs moving to India, 20 per cent to the Philippines and 10 per cent to China, he said. Warning that corporate leaders need to be on guard.
Corporate leaders need to be on guard and know who their business partners are and what security measures they have in place to protect against loss, whether through unintended leakage of proprietary business information, deliberate thefts of intellectual property, or outright economic espionage," Hitchings said.
While technology now allows companies to have their most sensitive proprietary computer code written overseas, he said the inability of companies to sufficiently vet the personnel involved in these activities can create a significant vulnerability.
US openness to foreign trade and investment and its commitment to global information sharing through academic and scientific exchange, Hitchings said unfortunately leave US technologies highly exposed to foreign exploitation. Pointing out that collectors last year employed a wide variety of techniques in their quest to circumvent US restrictions in the acquisition of sensitive manufacturing processes, he said foreigners often through middlemen acquired sensitive US technologies simply by requesting them via e-mail, faxes or telephones.
Globally networked information systems, he said, also present vulnerabilities, and even the simplest computer threats pose real risks for US companies business interests and proprietary knowledge.
Information technology, said Hutchings, has become as important to the US economy as oil, and the growing dependency of the US on foreign it "raises concerns for corporate as well as national security." for instance, he said, half of the world's laptops, one quarter of desktop computers, and half of all PC motherboards are now assembled in China. Taiwan is now responsible for about 70 per cent of all semiconductor production for hire--producing chips designed and marketed by others.
This growing US dependence, said Hutchings, makes US IT firms vulnerable to interruptions of foreign-built critical components, whether intentional or accidental. Foreign supply disruptions could suspend US firms' deliveries of finished systems within only a few days, as most carry limited inventories.
I understand. But we're getting into a fairly serious question about the competent jurisdiction of the courts. U.S. laws really don't apply outside our borders. For example, there was a student in the Philippines who released a computer virus - you may recall this - and because this was not against the law in the Philippines, the little miscreant was NOT prosecuted.
Now suppose that a doctor contracts with a company out of India to do some things. Suppose further that the offshore company makes many promises, all in writing, that they will comply fully with all applicable laws - and then, they don't. Is the doctor in criminal violation? I wouldn't think so. Is the offshore company? I'm not so sure. Your test appears to be that if a company does business here, they're subject to our laws - but are they? If a German company sells me a widget, are they automatically subject to the entire body of U.S. law? For that, we'd need to really get into recent precedent.
Even if the offshore company is theoretically criminally liable, the practicality of pursuing them seems daunting. Prosecuting our hypothetical doctor might please some (Me!!!) because it would discourage offshoring, but it seems rather unfair.
Civil suits have similar challenges. I'm aware that sometimes foreign citizens seek to sue U.S. companies in the U.S. because our courts tend to award big damage judgments - as for what we could expect from foreign courts, I have my doubts.
Incidentally, if your medical records are stolen, do you think your lawyer will go after the medical-provider, or simply consult you to let the state prosecutor's office handle the case?
But the state office can't do that. HIPAA is a federal law, and as such must be tried in federal court by a federal prosecutor. That's possible, but they're busy people - and I've got my doubts that they're going to prosecute kindly old Dr. Jones just because someone revealed the Neutrino has very small mass.
As for a civil suit, it's hard to get a lawyer interested if the damages are less than $100,000. I know of a case where a child in a hospital was unable to swallow and the chart specified that all food had to be pureed. The kid was fed a piece of meat the size of a cigarette package, choked, and died. The jury awarded...nothing. So I doubt I'd get to cash out on that one.
You guys need to use topics other than health care outsourcing to cover this issue. Don't know what you're missing, but third party Business Associates (outsourcers) are specifically excluded from privacy liability under HIPAA, whether they're in Des Moines or in Bangalore. With an emphasis on "specifically excluded."
In point of fact, we need to be naming names......Dim CEO's who outsource......then donate bigtime to John Kerry with their profits.
I see another Kerry inconsistency here.
You also won't hear Kerry mention Heinz's massive outsourcing of American jobs (listed on their web site).
No problem. We'll do do it for him.
Not sure whether you're sentence parsing or what.
When health care data goes offshore it's by definition "outsourcing", yes? In HIPAA language that would be "Protected Health Information is sent to an [offshore] Business Associate by a Covered Entity."
And under HIPAA regs, that scenario is specifically excluded from HIPAA protection, as I've been repeatedly posting.
Actually, yes I am. My reading of the regulation is that the Business Associate must comply with the regulation, and the Covered Entity is not liable for a BA's violation provided there is no negligence by the CE.
Har!
Those technologies will be developed elsewhere. IT is a tough field, why bust your butt getting the degrees, certs, etc. if the jobs are going elsewhere.
My advice to the kids asking me about an IT career: don't. Go into auto body repair, HVAC, etc., open your own shop, be your own person and employee a few people.
Ameica's power, wealth and security has finally been put on the line, and we are losing it all. Between having to take care of millions of illegals, and seeing good jobs destroyed by foreign workers, Americans don't have a chance.
Equal time: Kerry's spouse has outsourced 35 of her companies to other countries. Wonder if the Democrat Unions know this?
Assuming that you're not being sarcastic, I guess that means that intellectual protection is unnecessary, except perhaps only for Americans against other Americans. A lack of intellectual protection discourages creativity and trade, which is ultimately why they exist--to benefit the public welfare.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.