What Can We Learn about Healthcare IT Risk from HITECH? Risk Lessons Learned from the US HHS OCR Breach Portal

The healthcare system in the United States has a sophisticated and an industry-unique set of legal requirements. At the Federal level, healthcare entities, which capture personal identifying information (PII) and also financially bill customers, are under two major laws Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH). The HITECH law requires public notifications of healthcare breaches consisting of 500 or more individuals. The notifications are posted to the US Health and Human Services (HHS) Office of Civil Rights (OCR) Breach Portal for the public to review. This research analyzes the previous year of data posted to the HHS OCR portal to gain empirical insights into healthcare IT risks. As risk informs budget, insurance allocations, and best practices, the real-live evidence analysis gives strong indicators of where stronger mitigating controls should be incorporated into the organizational Information Systems (IS) and overall healthcare infrastructure

The Challenges of Business Analytics: Successes and Failures

The successful use of business analytics is an important element of a company’s success. Business analytics enables analysts and managers to engage in an IT-driven sense-making process in which they use the data and analysis as a means to understand the phenomena that the data represent . Not all organizations apply business analytics successfully to decision making. When used correctly, the actionable intelligence gained from a business analytics program can be utilized to improve strategic decision making. Conversely, an organization that does not utilize business analytics information appropriately will not experience optimal decision making; failing to realize the full potential of a data analytics program. This paper examines some organizations that implemented data analytics programs; both successfully and unsuccessfully, and discuss the implications for each organization. Based on the lesson learned, we present ways to implement a successful business analytics program

Mitigating Autonomous Vehicle GPS Spoofing Attacks through Scene Text Observations

This paper investigates both from an empirical and a systems-based perspective, how surrounding textual information can be leveraged towards the mitigation of Autonomous Vehicle (AV) and self-driving cars Global Positioning System (GPS) signal spoofing attacks. The paper presents and proposes methods of how AVs and self-driving cars can extract, as they travel along a trajectory, surrounding textual information through machine-learning based Scene Text Recognition (STR). The paper researches and proposes geospatial models which can be applied to the extracted textual information in order to build a text-based geolocation system for the purposes of validating the received GPS signal. The ultimate contribution of the paper is to lay the groundwork towards enhancing the Cybersecurity of the current and future Autonomous Vehicle and self-driving car ecosystem by addressing its Achilles heel, namely insecure and inaccurate geolocation due to GPS spoofing attacks