Monthly Archives: May 2006

When the Veterans Administration announced

When the Veterans Administration announced this week that some fool had taken its data home to work on it and then “lost” it, it marked the third time that George Toft has had his personal information stolen. As a military man, he was insured by TriWest, whose data was the last memorable Arizona data security breach. In addition, George’s bank also informed him in the past that his personal information had been compromised.

This would be less interesting if George were not one of the foremost authorities on preventing data theft. His business, MyITAZ (www.myitaz.com) specializes in providing secure information architecture and data security solutions to small and medium-size businesses that must comply with the Gramm-Leach-Bliley “Financial Modernization” Act of 1999. He gives seminars on this stuff, in between being victimized by it.

The problem is, most small businesses have no clue what “GLBA” is, much less how to comply with it. The name alone puts them to sleep. Only a small number of them find their way to George. All the publicity has gone to Sarbanes-Oxley compliance, and all the big companies have consultants to help them deal with SOX. But many businesses that aren’t subject to SOX because they’re private and small are subject to GLBA without knowing it.

And here’s why. GLBA applies to financial institutions. Okay, you think banks. But this is how the Act defines a financial institution:

Under the Federal Trade Commission’s Privacy Rule, a financial institution means “any institution the business of which is engaging in financial activities….

Financial activities include lending money, investing for others, insuring against loss, providing financial advice, or making a market in securities. Entities covered by these provisions… include, but are not limited to, mortgage lenders, “pay day” lenders, finance companies, mortgage brokers, non-bank lenders, account servicers, check cashers, wire transferors, travel agencies operated in connection with financial services, collection agencies, credit counselors, and other financial advisors, tax preparation firms, non-federally insured credit unions, and investment advisors.

Additionally, the Privacy Rule restricts the use and disclosure of nonpublic personal information you obtain from a nonaffiliated financial institution….

This is pretty broad. I’m no attorney, but it seems to me almost anyone who keeps customer data can be seen as a financial institution if there are transactions involved. Ironically, even accountants and lawyers fit under these categories.

This law was passed six or seven years ago. And yet companies still don’t have adequate provisions in place to protect customer data. We only hear about the big losses, but for every TriWest or Veterans Administration there are law firms, accounting firms, mortgage brokers and check cashers galore who don’t know how to keep your identity safe when you are their customer.

I find this shocking. How did we put ourselves at risk in this fashion without knowing it?

It happens because we trust the big institutions to have the resources to do things correctly. But we shouldn’t. I never used to shred my bills, but now I try to remember to do so. I faithfully check my credit report to make sure someone isn’t pretending to be me. I shred my expired credit cards, and the ones they send me in the mail that I don’t accept. I’m not a person who lives in fear, I’m not particularly attentive to detail, and yet I feel I must protect myself from what I’ve read is the nightmare of stolen identity. I’ve read stories about people who spent years trying to re-establish their credit, get their jobs back, and put their lives back together after having their identities stolen.

But I’m under no illusion that I’m safe. Not even with George as a friend. Unless I took him with me to every entity that collected my data, and he studied their information architectures, I would never be sure. And I’m certain he doesn’t want to accompany me to many of the places that collect my data. They are very diverse: Pottery Barn, Elizabeth Arden, a mortgage broker whom I won’t name, and several (former) financial advisors. You get the idea: almost EVERYONE collects your data.
Next time you talk to your real estate broker, your accountant, or your payday lender, just for fun ask them if they know about Gramm-Leach-Bliley. When their eyes glaze over, you can start comparing it to Sarbanes-Oxley and talking about secure information architectures. When they’re really deep asleep, you can start telling them about jail time.

Leave a comment

Filed under Uncategorized

I am considering enrolling in

I am considering enrolling in a clinical trial for a new osteoarthritis treatment. I don�t even know what the new treatment is yet, but I know I have osteoarthritis in my hip and I�m of a �certain age,� so they want me in the study. A research lab will give me a bunch of free diagnostic tests, and Novartis, the sponsor of the trial, will pay me $250.00 if I participate.

The money is obviously insignificant; the time involved may be more costly than the remuneration. And fortunately, I have health insurance and can get medical tests on my own if I need them.

So why would I even consider participating? Because somebody has to.

It is getting more and more difficult to get people into clinical trials, and more and more costly to develop new meds. This coincides with theoretically greater need for new therapies as the Boomers age and make their demands on the system.

Back in the day, clinical trials were carried out on prisoners, pacifists, and other captive populations who sometimes didn�t even know they were participating in a trial. Only thirty years later, when a group of people develops a weird-ass disease, do we learn that they were exposed to XYZ chemical in the Army has part of some trial.

But now it�s all different, and getting more so every day. The FDA is currently under a great deal of scrutiny. Last year was a banner year for screw-ups, with the recall of the Cox-2 inhibitors after they passed FDA approval and were in widespread use, and the �black box� warning that now must accompany anti-depressants prescribed for teen-agers to alert parents to the increased suicide risk. And just this morning I heard that Paxil, a common anti-depressant my late husband took a decade ago, has now been found to increase suicide risk in adults.

Every one of these incidents (and you can add the one in the UK, in which four patients in a clinical trial died recently) leads to Congressional hearings and greater concern on the part of the public. Apparently, a survey taken of the FDA�s own employees revealed that even THEY thought the agency was not giving enough attention to public health in its efforts to rush new drugs to market.

According to Laurie Halloran, a biotech consultant whose speech made me begin thinking about these issues, there has been quite a productivity gap in new drug development recently. Despite advances in science, the success rate of product development has NOT improved. New compounds entering Phase 1 development today have an 8% chance of reaching the market versus 14% chance 15 years ago
Phase 3 failure rates are now reported as high as 50% versus 20% in Phase 3, 10 years ago.

And when they get to market (Phase IV), there are clearly some surprises � enough to make the public skeptical about participating in trials unless they are terminal.

Laurie�s point (I hope I�m right because I�m learning all this from her) is that the process for drug development must be improved all along the product development cycle. The small biotech companies that typically contain scientists without management teams or clinical experience must change; the research sites that conduct the trials must change; and the FDA�s regulatory processes must change.

Change is good. But it�s not without struggle. We are not going to fix this process for getting drugs to market overnight. Even though we need the results in a hurry.

We have to train more American clinicians and research sites to conduct trials, and to gather what�s known as �good� data. Good data is accurate, it�s legal (the patient has signed an �informed consent,�) and it is collected from the right demographic.
We also have to find better ways to sponsor (which means pay for) these trials: right now they are fraught with potential conflicts of interest. The drug companies pay for them. That says it all. There are only seven pharmaceutical companies left � the result of half a century of mergers and acquisitions. That�s why the industry is called �Big Pharma.�

But most of all, we have to find ways to bring the innovative products of small biotech companies to the clinical trial stage. What does it take? It takes clinical experience, expertise in product development, patience (about ten years), patients willing to enroll in the trials, and MONEY.

I�m doing my part. I�m donating my body to science.

Leave a comment

Filed under Uncategorized

I don’t have a land

I don’t have a land line anymore. For the past two years, my home phone and fax have been Vonage, which is a VOIP solution. For us humans, VOIP stands for “voice over Internet protocol,” or using your broadband data connection to make phone calls. So I use the cable company to make my phone calls, but not because they have offered me an old-fashioned phone line. I just use my Internet connection to make phone calls.

And now I can do that from my mobile phone as well. Although this doesn’t really matter in domestic calls, it matters a lot when I travel, because international calls can cost up to $2.50 per minute from a cell phone. I discovered that when I was in India and China. When I bought a calling card, it didn’t work in every country. And it still wasn’t cheap. It’s not uncommon for my monthly mobile phone bill to double after a one-week trip to Asia.

It was only a matter of time before a globe-hopping techie would find a solution to this, and last week I helped launch the first one: Mino Wireless (www.minowireless.com). I share it with you because, if you travel internationally, it can be a godsend.

Although Mino only soft-launched three months ago and didn’t even announce itself until I sent out a press release on May 3, it already has customers in 43 countries. When there’s a real problem that’s solved by a new technology, early adopters jump on the solution.

The reason is simple. Especially in developing countries, the number of mobile phones is now larger than the number of landline phones or computers. But although it is natural to use a mobile phone to make international calls, until now it has been inconvenient and expensive. With MINO�s new technology, Internet phone calls will become available to hundreds of millions of new people worldwide. MINO currently has the lead in VoIP connections for mobile devices in quality of service, ease of use and cost. Of course we hope this will last. Yes, there’s a pending patent. It’s more complicated than that.

The founder of Mino, Jing Liu, came upon the solution because he was an end-user with a problem. His former company demanded that he travel frequently throughout Asia, and he was forced to find ways to make international mobile phone calls.

The Internet was the obvious method. Making Internet phone calls has become enormously popular, especially among young people and business people who speak to each other across national boundaries. However, to take advantage Internet phone technology, you have to be in front of a computer– as with Skype–or purchase and install special hardware as with Vonage.

The holy grail of Internet phone calls is to make them work on mobile phones, and Mino may be the first company to achieve that. The company has been working on this technology for more than years, but to launch this worldwide, it had to make its service work on every popular phone from every major carrier in every major country in the world. This was no small feat.

MINO Wireless made its first public announcement recently, disclosing that it had received Series A funding from investors in Silicon Valley and Asia. The mission of the company is developing novel technologies that allow mobile phone users worldwide to make international calls at very low rates. Because this is somewhat threatening to the major carriers, there will probably be some controversy until the carriers themselves figure out a way to partner with Mino and monetize this technology for themselves.

Stay tuned. Mino has a great product roadmap from what I can see (I have been listening in to the analyst briefings) and I’ve got high hopes for it.

Leave a comment

Filed under Uncategorized

Apple fans, I think we

Apple fans, I think we are in for a rude awakening. The new, more successful Apple doesn’t need us anymore. Once we buy a product, we are apparently chopped liver. I’ve heard this on many occasions about IPODs and what happens when their batteries die, but now I’ve got my own real life experience.

About three weeks ago, I was in California with my daughter, running some last minute errands with her as she got ready to leave on a business trip to Bangalore. She and I are both Mac users, and we’ve always felt pretty smug that we had an Apple store to take our computers to when something was wrong, instead of having to mail a Windoze machine back to Dell or HP. Like every other Mac addict, we sometimes went to the Apple store just to try the new toys, and walked out with unintended purchases like home speaker systems or video IPODs.

It was about 2 PM when we arrived at the Apple Store in Burlingame, where my daughter was picking up her G4 laptop to take with her on the trip.

She had brought it in a couple of days previously, when she discovered that the internal mouse was acting a bit quirky; she had made a deal with the Genius Bar to leave the machine there until Saturday afternoon. Her flight was at midnight Saturday night. It was definitely the last minute.

We bellied up to the Genius Bar and were told to wait a minute, while the laptop materialized. An hour later, we still didn’t have it, and we had gotten tired of reading our email on the demo machines. We went back to the Genius Bar, and this time the guy behind the bar again told us to wait a minute.

I abandoned my yoga patience and began to bark at all the clerks. Shortly after that, we were told that the machine wasn’t ready, but that the technician was just putting it back together. We weren’t thrilled, but we figured they just hadn’t started working on it until we showed up to pick it up. We went down the street and had something to eat.

When we came back, we were told that, in putting the case back together, the Genius who worked on her machine had actually broken the keyboard. So now the mouse wasn’t functional, and neither was the keyboard. This was told to us very matter of factly, as though it didn’t matter.

My daughter freaked: she was about to go meet with a client half way across the world with a broken laptop.

After a bunch of deep breaths, we asked if we could have a loaner machine, and if the Genius would move her data and applications. They didn’t have a loaner. Cheerfully, they made the following suggestion: my daughter could BUY A NEW MACHINE, take it with her to India, and return it when she got back. And there wasn’t enough time before the store closed to move the applications and data.

Although the Geniuses in the Apple store thought they had reached a clever solution, I reminded them that my daughter was going to India, not Iowal, and there was a good chance the laptop would be stolen or broken and she’d be out another $2500.

Nobody seemed very concerned that they had broken the machine. They then suggested that she buy an external mouse and keyboard and take those with her on the trip.
When she told them an external keyboard wouldn’t fit into her backpack, they offered to SELL her a bigger backpack.

She finally convinced them to LEND her the backpack to take the mouse and keyboard on the trip. By this time, she was thoroughly frazzled and we were late to everything else we had to do.

What stunned me was how little they offered in terms of customer service, how little authority they had to offer a real solution, and how little they cared. The manager was about to go out to dinner, and her husband and child appeared in the store to accompany her; she looked at us as though only we stood between her and ultimate happiness.

Fast forward to the end of the trip. After tramping across several continents with her makeshift gear, now my daughter still has to solve the problem of the keyboard the Genius Bar broke and the mouse they didn’t fix.

But can you guess all they wanted to know at the Apple Store–How soon was she going to bring back the twenty dollar backpack?

Leave a comment

Filed under Uncategorized