Recent Blog Posts

Mobility Week: Mobile is Healthcare Mechanism for Millennials


Millennials are the next growing population that will capture the attention of doctors. In many cases, doctors today focus on the elderly and those who suffer from chronic diseases because that’s where the main amount of business lies.


When we begin to focus on the younger generation—which has always been connected and is always plugged in—the experience will begin to shift. These younger patients will ask, “why do I have to go see a doctor for a rash or to refill a prescription?” They will want to use a mobile device to take a picture of their rash and send it to a doctor. They will want to know why a pattern matching algorithm cannot look at the rash and let them know if it’s serious enough to go see a doctor. For them, the mobile device is the mechanism for receiving healthcare.


The bottom line is that the millennial generation wants immediacy, which to them means minutes or seconds, not days or weeks. The idea of waiting a few days for an appointment or leaving one location to go to another for treatment is foreign to them. Communication for them needs to be instant. Just ask their families: often times the best way to reach these younger members of our population is to text them—even when everyone is in the same house.


Of course, this type of treatment scenario will not be for everyone. It took a generation or two for online banking to take root. The Millennials now do banking on their phones. They do not need to go to the bank to deposit a check. Banking did not go away; people now have choices for interacting with these institutions. The same will be true with healthcare, and clinicians and IT managers need to be prepared for the onslaught of this mobile revolution.


Clinicians and bricks-and-mortar structures will not go away, but increasingly face-to-face interactions will be in the cyberspace arena. The next step is to make sure these types of treatment options are reimbursable for physicians.


What questions do you have about the next generation of patients and mobile technology? What are you seeing in your organization today?

Read more >

Mobility Week: The Power of Open

Last week, I was chatting with one of our developers when his office lights inexplicably blinked. Perplexed, I inquired, “What just happened?” As is common working with software developers, I caught a glimpse of the future. He explained, “You just sent an email to Danny, and that makes the lights blink.” Both amazed and confused, I listened curiously as he explained the mechanics. A company called If This Then That (IFTTT) freely connects various web-enabled services, and in this case, our developers had used it to connect Gmail’s API service with Philips new Hue WiFi-enabled light bulb. Ergo, when I send an email, the office lights blink. I agree it’s a rather pointless exercise, but I submit that it illustrates an incredibly powerful example of the value of open platforms.


Perhaps a better example will drive the point home. IFTTT integrates with many services, including Automatic, a commercially available device that connects to the Onboard Diagnostics Port on most cars. This device can be configured to send real-time analytics about your vehicle and driving patterns to your mobile device. So, instead of blinking the office lights after an email, perhaps I could have it turn on the lights in my home when I park in the driveway and turn off the engine. Or in another example, when my engine turns on and I leave my driveway, my temperature on my Nest home thermostat automatically adjusts. Using open APIs, companies can securely connect their services – their creative innovations – and in so doing, create unique experiences that no single company could have delivered, or perhaps even imagined.


Perils of Master Planning


I’m reminded of a classic economics essay, “I, Pencil” by Leonard E. Read. Originally published in 1958, the essay creatively illustrates the power of human creativity through a detailed description of how a common, every day pencil comes into existence. He writes:


It is even more astounding that the pencil was ever produced. No one sitting in a central office gave orders to these thousands of people…These people live in many lands, speak different languages, practice different religions, may even hate one another—yet none of these differences prevented them from cooperating to produce a pencil. How did it happen?


The brief essay describes in great detail how millions of people, disconnected and unaware of each other’s efforts, work together to mine the raw materials, transport the cargo, produce the parts, manufacture the tools, and put the materials in place to create the most basic of objects that we use and take for granted every day – the pencil. He speaks to the limits of centralized planning and control, writing:


…no single person on the face of this earth knows how to make me [the pencil]…There is a fact still more astounding: The absence of a master mind, of anyone dictating or forcibly directing these countless actions which bring me [the pencil] into being. No trace of such a person can be found. Instead, we find the Invisible Hand at work.


Interoperability in Healthcare IT


Unfortunately, it appears that Healthcare IT is slow in adopting the very fundamental premises that have been adopted by modern non-healthcare SaaS vendors. No single vendor should be tasked with knowing all use cases in health care, just as no single person or company could build every component necessary to craft the simple pencil. No hospital should have to rely on a single company to provide all of its software needs, since neither the hospital nor the software vendor understands all that is – or, more importantly, will be – required. By allowing vendors to work together, through the use of an open platform of interoperable services and components, we are providing new opportunity for innovation and creativity to occur. In the end, open standards improve our patients’ experience in ways planned and unplanned.


This advantage is clear to both federal regulators and the VC market. The Office of the National Coordinator recently released for public comment a draft entitled Interoperability Roadmap, aimed at “promoting, facilitating, and enhancing the safe and secure exchange and use of health information nationwide”. These new opportunities will be well funded, as a recent report from Mercom Capital Group shows a doubling of the 2014 Healthcare IT investment to $4.6 billion. The transformative effects of open platforms have transformed other industries, and the rising potential of mobility to empower the patient will make the consumerization of healthcare a reality.




Imagine what would be possible if we were able to create intelligent software systems that easily and effectively communicated with one another? How would this change the experience of the users of the systems? And more importantly how would it change the experience of the patients receiving care?


While these aren’t the easiest problems to solve, there are some extremely smart individuals in the Healthcare IT space who can move this discussion forward in a way will benefit everyone at every level of the healthcare space. We need to collaborate and we need to trust one another. And when we can create a real open Healthcare ecosystem, that bulb in our office will have even more reasons to blink.

What questions do you have?

Jeffrey R. Zavaleta, MD, is Chief Medical Officer at Graphium Health.

Read more >

8 Ways to Secure Your Cloud Infrastructure


Clouding Around – A mini-blog series on the Cloud with Arif Mohamed

Part 1: 8 Ways to Secure Your Cloud Infrastructure


Cloud security remains a top concern for businesses. Fortunately, today’s data center managers have an arsenal of weapons at their disposal to secure their private cloud infrastructure.

Here are eight things you can use to secure your private cloud.


1. AES-NI Data Encryption

End-to-end encryption can be transformational for the private cloud, securing data at all levels through enterprise-class encryption. The latest Intel processors feature Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI), a set of new instructions that enhance performance by speeding up the execution of encryption algorithms.


The instructions are built into Intel® Xeon server processors as well as client platforms includingmobile devices.


When encryption software utilises them, the AES-NI instructions dramatically accelerate encryption and decryption – by up to 10 times compared with software-only AES.


This speedy encryption means that it is possible to incorporate encryption across the data centre without significantly impacting infrastructure performance.


2. Security Protocols

By incorporating a range of security protocols and secure connections, you will build a more secure private cloud.


As well as encrypting data, clouds can also use cryptographic protocols to secure browser access to the customer portal, and to transfer encrypted data.


For example, Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols are used to assure safe communications over networks, including the Internet. Both of these are widely used for application such as secure web browsing, through HTTPS, as well as email, IM and VoIP.


They are also critical for cloud computing, enabling applications to communicate over the network and throughout the cloud while preventing undetected tampering that modifies content, or eavesdropping on content as it’s transferred.


3. OpenSSL, RSAX and Function Stitching

Intel works closely with OpenSSL, a popular open source multiplatform security library. OpenSSL is FIPS 140-2 certified: a computer security standard developed by the National Institute of Standards and Technology Cryptographic Module Validation Program.


It can be used to secure web transactions through services such as Gmail, e-commerce platforms and Facebook, to safeguard connections on Intel architecture.


Two functions of OpenSSL, that Intel has contributed to, are RSAX and function stitching.


The first is a unique implementation of the popular RSA 1024-bit algorithm, and produces significantly better performance than previous OpenSSL implementations. RSAX can accelerate the time it takes to initiate an SSL session – up to 1.5 times. This provides a better user experience and increases the number of simultaneous sessions your server can handle.


As for function stitching: bulk data buffers use two algorithms for encryption and authentication, but rather than encrypting and authenticating data serially, function stitching interleaves instructions from these two algorithms. By executing them simultaneously, it improves the utilisation of execution resources and boosts performance.


Function stitching can result in up to 4.8 times performance improvement for secure web servers when combined with RSAX and Intel AES-NI.


4. Data Loss Prevention (DLP)

Data protection is rooted in the encryption and secure transfer of data. Data loss prevention (DLP) is a complementary approach focused on detecting and preventing the leakage of sensitive information, either by malicious intent or inadvertent mistake.


DLP solutions can profile content against rules and capture violations or index and analyse data to develop new rules. IT can establish policies that govern how data is used in the organisation and by whom. By doing this they can clarify security practices, identify potential fraud and avert accidental or unauthorised malicious transfer of information.


An example of this technology is McAfee Total Protection for Data Loss Prevention. This software can be used to support an organisation’s governance policies.


5. Authentication

Protecting your platform begins with managing the users who access your cloud. This is a large undertaking because of the array of external and internal applications, and the continual churn of employees.

Ideally, authentication is strengthened by routing it in hardware. With Intel Identity Protection Technology (Intel IPT), Intel has built tamper-resistant, two-factor authentication directly into PCs based on third-generation Intel core vPro processors, as well as Ultrabook devices.


Intel IPT offers token generation built into the hardware, eliminating the need for a separate physical token. Third-party software applications work in tandem with the hardware, strengthening the authentication process.


Through Intel IPT technology, businesses can secure their access points by using one-time passwords or public key infrastructure.


6. API-level Controls

Another way in which you can secure your cloud infrastructure is by enforcingAPI-level controls. The API gateway layer is where security policy enforcement and cloud service orchestration and integration take place. An increased need to expose application services to third parties, and mobile applications is driving the need for controlled, compliant application service governance.


WithAPI-level controls, you gain a measure of protection for your departmental and edge system infrastructure, and reduce the risk of content-born attacks on applications.


Intel Expressway Service Gateway is an example of a scalable software appliance that provides enforcement points and authenticates API requests against existing enterprise identity and access management system.


7. Trusted Servers and Compute Pools

Because of cloud computing’s reliance on virtualisation, it is essential to establish trust in the cloud. This can be achieved by creating trusted servers and compute pools. Intel Trusted Execution Technology (TXT) builds trust into each server, at the server level, by establishing a root of trust that helps assure system integrity within each system.


The technology checks hypervisor integrity at launch by measuring the code of the hypervisor and comparing it to a known good value. Launch can be blocked if the measurements do not match.


8. Secure Architecture Based on TXT

It’s possible to create a secure cloud architecture based on TXT technology, which is embedded in the hardware of Intel Xeon processor-based servers. Intel TXT works with the layers of the security stack to protect infrastructure, establish trust and verify adherence to security standards.


As mentioned, it works with the hypervisor layer, and also the cloud orchestration layer, the security policy management layer and the Security Information and Event Management (SIEM), and Governance, Risk Management and Compliance (GRC) layer.



Cloud security has come a long way. It’s now possible, through the variety of tools and technologies outlined above, to adequately secure both your data and your user. In so doing, you will establish security and trust in the cloud and gain from the agility, efficiency and cost savings that cloud computing brings.


- Arif

Read more >