Health care kudos
I enjoyed your special section on IT security in the health care industry [February 2007]. As a practicing physician with an IT background, I appreciate the challenges HIPAA regulations present from two (often opposing) points of view. I agree that without penalties, the act is weakened; but one must consider the tremendous change health care systems have undergone in the last few years as a direct result of HIPAA. Leniency can be expected in the early phase of such a change.

Likewise, I am not sure a hard line approach of fining institutions or individuals will achieve the long-term goals of health care information security. As in other industries, market forces can have sustained results. Patients notice when IT is well integrated and not restrictive. Organizations such as the Joint Commission on Accreditation of Healthcare Organizations (JCAHO) can expose non-compliant facilities, and newspaper articles about missing medical files or medical mishaps due to sloppy records are devastating to the public relations department. A patient who elects to go elsewhere (a "lost" patient) is far more threatening than a fine.

Jim Streicher
M.D., Ph.D., CISSP

 

MySpace victory
I am so glad to hear about MySpace's suit against the spammers [scmagazine.com, "MySpace files suit against alleged spammer," Jan. 22, 2007] and I hope in the future, ALL of the phishers will be caught and prosecuted!

I have deleted so many friends, and posted countless bulletins warning my friends to change their passwords in order to not be removed from my friend list; now, I feel just awful, and I will have to re-search for my deleted friends, "requesting" their friendship, once again.

I love MySpace, and my security thereof. Please keep me posted, if possible.

Kemishia Loggins,
Fort Worth Journalism Student

 

Let them have pie charts
In the February 2007 issue, Threat Stats shows all of the Top 10 items for viri, spyware, hoaxes, etc. This is a VERY useful article, to explain to upper management what things our IT department is dealing with (they love things in this kind of format, and really enjoy pie-charts for some odd reason).

Would it be possible to create some form of website click-through (easily found from your main page) that could link the latest Threat Stats and current Top 10 items? I realize how timely this information can be – and know that you would have to place many disclaimers within the information, but, this service would truly be helpful.

I think that you would increase your site traffic and expand your reading base if you made this type of "page."

Please let me hear some feedback, and please pass along ‘great job' to everyone involved in your awesome magazine! I devour it as quickly as it arrives!

Steve Pistorius
CCC Parts Company,
Tulsa, Okla.

 

Lost down south
Concerning your January 2007 Threat Report, you made a mistake placing your callout box. You showed Paraguay and talked about Argentina. Paraguay and Argentina are two different countries located in South America. Please have your researchers pay more attention to such details when gathering data to help your magazine's integrity. 

Daniel Danna,
Gematria Products

 

MySpace superworm 
Thanks for being on top of these stories [scmagazine.com, "MySpace superworm creator sentenced to probation, community service," Feb. 1, 2007] and reporting this stuff. It makes me so mad that people want to purposefully mess up other peoples' stuff. I wish I could get the address of that guy and publish it on the internet... maybe then people would think twice if they knew we would fight back by giving out their names and numbers, and prize money so that every wingnut in the world would know where they live with directions. Thanks again.

Mavelton
via email

This sort of story makes my blood boil! There is no point in handing out these "There, there little boy — don't be naughty again" sentences because it doesn't discourage anybody! He should have been given at least two years in prison.

Or is it that they don't want to discourage this type of thing because there is too much money to be made from ‘security' software and hardware?

David Inquieti,
technical consultant

 

Sad farewells
Great piece you wrote on Dr. Bill Hancock ["Bill Hancock, convivial information security pioneer – and amateur stand-up comic – dead at 49," scmagazine.com, Jan. 4]. He was a great guy and one of my best friends.

Bill was part of our new startup, HyperSecurity LLC. JR and I will miss him greatly.

FYI, I attended and spoke at Bill's funeral Sunday. It was a grand tribute to a great man.

Richard Norick,
president,
HyperSecurity LLC

Thank you for doing this article.  It will mean a lot to his son Landreth. Dr. Bill would appreciate your kind words. You caught me by surprise and I wish I could have thought of some other stories, like the time he did a speech in a pink tutu. The world has lost a kind-hearted man.

Kevin Nixon
via email