The adoption of mobile devices, cloud computing and collaborative technologies is happening faster than most companies are able to adapt security policies, resulting in increased risk to sensitive corporate and personal data, according to "Worldwide State of the Endpoint 2010," a new Ponemon Institute study commissioned by Lumension. Insufficient resources and a lack of C-level support for security initiatives were cited as reasons for these shortcomings.

Among the survey's key findings:

· 56 percent of individuals surveyed said mobile devices are not secure, representing a risk to data security;

· 49 percent of individuals surveyed said data security is not a strategic initiative for their companies;

· 48 percent of individuals surveyed said their companies have allocated insufficient resources to achieve effective data security and regulatory compliance;

· 47 percent of individuals cited a lack of strong CEO support for information security efforts as a reason for ineffective data security programs; and

· 41 percent of individuals said there was a lack of proactive security risk management in their organizations.

The study was conducted to better understand how emerging technologies, such as Web 2.0, mobile computing and the "consumerization" of IT - the accommodation and integration of employee-owned mobile devices within the corporate enterprise - are affecting business environments and how organizations are managing security risks across IT operations and security.

Significant perception gaps exist between IT security and IT operations professionals related to the complexity of security technologies, misalignment of IT and business objectives, technology integration, and employee skill and knowledge.

Other findings:

· 44 percent of organizations subsidize or plan to subsidize employees' mobile devices, 40 percent of organizations say employees can connect their own devices to the company network, and 26 percent have policies permitting employees to connect their own devices to the company network;

· 31 percent of respondents said collaboration between IT security and IT operations was non-existent;

· 72 percent of respondents view negligent insiders as a top security threat heading into 2010.

An 11-country survey found that, compared to physicians in other countries, U.S. doctors were less likely to use health information technology (HIT). The 2009 Commonwealth Fund International Health Policy Survey polled more than 10,000 primary care physicians in Australia, Canada, France, Germany, Italy, the Netherlands, New Zealand, Norway, Sweden, the United Kingdom and the United States.

In the study, 46 percent of U.S. primary care doctors reported using electronic medical records (EMRs), well behind the number of physicians in the Netherlands (99 percent), New Zealand (97 percent), Norway (97 percent), the U.K. (96 percent), Australia (95 percent), Italy (94 percent) and Sweden (94 percent).

In addition to basic EMRs, the survey asked about a range of 13 possible computer functions, including electronic medication prescribing and alerts for medication errors, ordering lab tests and viewing test results, and support and prompts for preventive care and follow-up care with patients. Results varied widely by country, ranging from nearly all to half of doctors reporting at least nine of 14 possible computerized functions in New Zealand (92 percent), Australia (91 percent), the U.K. (89 percent), Italy (66 percent), and the Netherlands (54 percent), to one fourth or fewer practices in the U.S. (26 percent), Norway (19 percent), France (15 percent) and Canada (14 percent).

In the U.S., advanced information capacity was concentrated in larger group practices and those affiliated with integrated care systems. In contrast, in the seven countries with nearly universal use of EMRs, there was little or no difference in advanced health information technology use by practice size. The survey authors noted that, in these countries, national policies and standards have supported the wide adoption of information technology in primary care practices.

A recent Cutter Consortium survey looked at the effect of agile methods of software maintenance. In all product-support categories, agile-developed software products were generally easier to maintain and customer satisfaction was higher, compared to traditional development methods.

The objective of the survey, developed and analyzed by Cutter Consortium Senior Consultant E.M. Bennatan, was to understand the advantages or disadvantages of agile methods after the release of a software product.

The majority of software development organizations (77 percent) reported that they have adopted agile methods, at least for some of their projects. Most of these organizations (53 percent) found that agile-developed software is easier to support due to frequent product releases and customer involvement during development.

Bennatan looked deeper into the data to discern how the support activities differ in those organizations that reported agile-developed software having either a positive or negative impact on support activities.

"What I found was that a significant number of organizations (46 percent) reported that customer involvement during agile development leads to higher customer satisfaction, which in turn leads to better interaction with customers and users. No companies disagreed; that is, none found that customer involvement hindered product support," Bennatan said.

"Interestingly, about one-third (34 percent) reported that agile-developed products are usually released with fewer defects, thus reducing the need for software maintenance, while only 3 percent found more defects, which increased the need for maintenance," Bennatan said

Twenty-six percent of surveyed companies reported that products with frequent releases and more customer involvement require fewer support resources -- staff, budget, etc. But 10 percent disagreed, finding that agile-developed products require more resources. Yet another finding, reported by 16 percent of respondents, found less of a need for customer-specific changes due to frequent product releases, while 8 percent reported their agile projects needed more changes.

Health Level Seven (HL7), the non-profit standards development organization, has published the health care industry's first American National Standards Institute (ANSI)-approved standard that specifies the functional requirements for regulated clinical research in an electronic health record system (EHR-S). The HL7 EHR Clinical Research Functional Profile for EHR systems is based on the HL7 Work Group's EHR System Functional Model Release 1, which is also an ANSI-approved American National Standard.

The EHR Clinical Research Functional Profile defines high-level requirements critical for using EHR data for regulated clinical research, and provides a roadmap for integrating the information environment that must support both the patient care and the downstream clinical research processes, according to HL7.

"This profile is an excellent demonstration of how important functional requirements for secondary data use, such as clinical research, can be integrated into the patient care workflow and documented in EHR systems," said Donald Mon, PhD, co-chair of the HL7 EHR Work Group and member of the HL7 board of directors. Pharmaceutical, biotechnology, clinical research technology vendors, health care technology vendors and federal regulatory stakeholders from the United States and the European Union collaborated for two years to identify and address a broad list of data protection, regulatory and ethical research requirements.

The EHR Clinical Research Functional Profile is also a resource for the Certification Commission for Healthcare Information Technology (CCHIT) Clinical Research Work Group as they define new clinical research certification criteria for EHR systems. This functional profile will be complemented by the EHR-Clinical Research Interoperability specification currently being developed by the Health Information Technology Standards Panel.

Pittsburgh-based Magee-Womens Hospital of the University of Pittsburgh Medical Center (UPMC) joined two other UPMC facilities in the elite ranking of hospitals recognized for their advanced use of a comprehensive electronic medical record (EMR) to enhance patient safety.

Magee-Womens Hospital, like UPMC Presbyterian and Children's Hospital of Pittsburgh of UPMC, is now a Stage 6 hospital, according to HIMSS Analytics, a not-for-profit subsidiary of HIMSS. HIMSS Analytics scores hospitals based on their progress in completing eight stages, from zero to seven, of a paperless patient record environment, and its studies have shown correlations between quality metrics and EMR adoption. Only 66 hospitals in the HIMSS database of more than 5,700 facilities are now at Stage 6, and only 26 are at Stage 7.

"This achievement is a testament to our clinicians and their commitment to providing the safest, highest-quality care for our patients," said Leslie Davis, president of Magee-Womens Hospital of UPMC. "With President Obama and other national leaders now focused on the adoption of electronic medical records, our dedicated doctors, nurses and technology staff are showing the nation how to accomplish this important task."

With deployment of computerized physician order entry (CPOE) in early October, Magee has achieved Stage 6 functionality, which also includes computerized charting, decision support for clinicians, positive patient identification (PPID) for safe administration of medications and physician documentation. Physician use of CPOE at Magee is averaging more than 85 percent -- much higher than the rate typically achieved in the early months of such an implementation -- and medication scanning with PPID is greater than 90 percent.

Systemwide, CPOE is deployed across nearly half of UPMC's inpatient beds compared to less than 2 percent nationally, and each of UPMC's 20 hospitals uses some aspect of eRecord, as the system is called. At UPMC's more than 400 outpatient settings, an estimated 60 percent of physicians have access to the ambulatory eRecord.

UPMC's use of EMR technology, which dates back to the late 1990s, already has achieved significant patient safety and efficiency gains. With CPOE, for instance, UPMC St. Margaret showed a 77 percent reduction in missed medications, while medication turnaround times at UPMC Shadyside improved 52 percent. Prescriptions of more cost-effective generic drugs at physician practices with electronic-prescribing capabilities have climbed more than 20 percent.

The worldwide mobile phone market saw mild sequential growth in the third quarter of 2009, according to IDC's Worldwide Mobile Phone Tracker. Year-on-year growth remained negative, but improved from the first half of 2009. Mobile phone shipments totaled 287.1 million units worldwide in 3Q09, down 6.0 percent from a year earlier, but up 5.6 percent from the second quarter.

"The mobile phone market is showing the first signs of improvement since the onset of the economic crisis," said Ramon Llamas, senior research analyst with IDC's mobile devices technology and trends team. "During the third quarter, we saw a number of channels promoting older devices at significantly lower prices. For many, this was enough to spur demand and push volumes higher. Now that we have moved into the fourth quarter, vendors are setting the stage for further gains by launching their flagship devices to meet pent-up demand."

IDC also examined the top five mobile phone vendors:

• Nokia experienced continued pressure during the third quarter of 2009 in its devices and services group. The company reported a 20 percent decrease in revenue, ASP decline and a shortage of components across its product portfolio. Even its tight hold on the converged mobile device category was loosened as the company cited a market share decrease from 41 percent to an estimated 35 percent.
• Samsung reached a new record by shipping more than 60 million units in a single quarter. This puts the company well within reach of achieving its goal of shipping 200 million units in 2009, IDC said. 
• LG Electronics breached the 30 million unit mark for the first time in its history. Nearly half of those units sold for less than $100, making them handsome purchases for carriers.
• Sony Ericsson marked Hideki Komiyama's final quarter as president of the company. During his tenure, Sony Ericsson realized improved operational efficiencies and cost reduction to increase profitability.
• Motorola slipped to fifth place, but in the process the company reported progress in its restructuring campaign. In addition to reducing its operating losses for the second consecutive quarter, Motorola announced its much anticipated Android-powered converged mobile device, the CLIQ/DEXT, as well as its new DROID, IDC said.

The inaugural Forrester Research Workforce Technographics survey, designed to show the technology adoption habits of information workers (iWorkers), determined that while email and desktop computers are ubiquitous, few other applications or devices are, and that more experienced employees -- not Generation Y -- are the leading users of social technology on the job.

The findings, released at Forrester's recent Business Technology Forum, are contained in the report, "The State of Workforce Technology Adoption: U.S. Benchmark 2009," which is based on a survey of more than 2,000 iWorkers in the U.S. at companies with 100 or more employees. Forrester's Workforce Technographics data enables information and knowledge management professionals and other IT leaders to benchmark their organization's technology adoption and attitudes to drive investments and prioritize initiatives.

Forrester surveyed respondents on workplace adoption of technologies such as devices -- PCs and laptops -- productivity tools, mobility, collaboration software, intranet portals and Web 2.0 technologies.

The survey found that three out of four iWorkers still use a desktop, and 63 percent of desktop users spend four or more hours per day on it. However, more than one-third of respondents use more than one device at least weekly.

Email, word processing and spreadsheets are the top three productivity tools used by iWorkers, but even the use of those applications fluctuates greatly. Email is used by 57 percent of iWorkers hourly. However, word processing and spreadsheets are not used as frequently. Only 16 percent and 14 percent, respectively, of iWorkers use these applications every hour.

Only one in 10 iWorkers has a smartphone for work, but almost one in three iWorkers agree that they use a personal mobile phone for work purposes. There is demand among iWorkers for smartphones.

With collaboration tools going widely untapped by companies -- only one in four iWorkers use Web conferencing and one in five use team sites -- email remains the de facto collaboration tool for most professionals, with an 87 percent adoption rate.

Seventy percent of all iWorkers visit the employee portal and 43 percent do so at least daily. Search is the most commonly used resource on the portal, followed by information related to performance reviews and personal goals.

Even though 59 percent of the 18-to-29-year-old professionals use social technologies at home, only 14 percent use them in the workplace -- the same percentage as Gen X employees, ages 30 to 43. Instead of social technologies, mobile texting is Gen Y's communication method of choice: 51 percent are using their personal mobile for texting at work.

A new report from KLAS explores the landscape for document management and imaging (DMI) applications, and finds that many hospitals use DMI to help ease the transition from paper records to electronic medical records (EMRs).

The KLAS report, "Enterprise DMI: Finding the Right Stepping Stone to Full EMR," evaluated the DMI technology of 14 vendors, based on the feedback of their customers. While the study acknowledges that DMI -- which provides scanning, indexing and archiving of paper records -- is becoming less critical in advanced organizations, the vast majority of hospitals are still crossing the chasm between paper and a full EMR, and many are using a DMI solution to ease the jump, according to the report.

Unlike many clinical software markets, the DMI segment is dominated by best-of-breed vendors and not the traditional large EMR companies. Among those large core clinical vendors, only McKesson's DMI application was rated above average by providers, although Siemens' DMI technology was also praised for strong functionality and workflow features. Other enterprise vendors, such as Cerner, Eclipsys and MEDITECH, have been criticized for offering DMI applications that have functional deficiencies and inconsistent support.

According to the KLAS report, best-of-breed vendors MedPlus and Hyland are the clear leaders in DMI. "Both Hyland and MedPlus provide successful solutions for almost any size organization," said Steve Van Wagenen, KLAS research director and author of the DMI study. "And their customer satisfaction scores remain strong regardless of the organization's EMR."

Among the DMI vendor products highlighted in the KLAS report, MedPlus ChartMaxx earned the highest KLAS performance score (88.2 out of 100), followed by Hyland Software OnBase (86.8) and Perceptive Software ImageNow (83.3). Overall, the DMI market segment features some of the highest satisfaction scores of any of the categories KLAS tracks. In the company's "2008 Top 20 Best in KLAS Awards: Software & Professional Services" report, DMI was the second highest-rated market segment for customer satisfaction, behind only enterprise scheduling software.

Other vendors highlighted in the KLAS report include 3M, Alpha Systems, BlueWare, Cerner, CGI, DB Technology, McKesson, MEDITECH, QuadraMed, Siemens and Streamline Health.

Smartphones with consumer-oriented functionality scored the highest marks in a recent customer satisfaction study released by CFI Group.

Smartphones, led by Apple's iPhone and including Google's Android and Palm Pre, are bringing in new customers no longer dominated by business users, according to "The CFI Group Smartphone Satisfaction Study." Based on a survey of more than 1,000 users, the study also found little relationship between smartphone satisfaction and satisfaction with the provider.

Moreover, exclusivity contracts may have drawbacks for carriers if they invite customers drawn to the device and not the provider. Using the methodology of the American Customer Satisfaction Index to compare smartphone platforms, the iPhone led in customer satisfaction, scoring 83 on a 100-point scale, 8 percent higher than its nearest competitors, Android and the Pre (77 percent). Smartphones, popular among business users, like Research in Motion's BlackBerry (73 percent) and Palm's Treo (70 percent), trail in customer satisfaction, while the "others" category, which includes Symbian and Windows Mobile, scores 66, CFI said.

The majority of new smartphone owners are using them mostly for personal use, a departure from the early adopters that originally used smartphones primarily for business.

This new customer has higher expectations of the smartphone, and platforms that satisfy these needs rate the highest.

NTT Docomo Inc., NEC Corp., Panasonic Mobile Communications and Fujitsu Ltd. announced recently that they are making progress in developing the Long Term Evolution Platform (LTE-PF), a mobile-terminal platform based on Long Term Evolution, a new mobile communication standard for fast downlinks above 100 Mbps and uplinks above 50 Mbps.

The four companies have completed the development of an LTE-PF chipset engineering sample and are now evaluating its functionality. The sample was exhibited in October at both the NTT Group at ITU Telecom World 2009 in Geneva, Switzerland and the Docomo CEATEC Japan 2009 at Makuhari Messe in Japan.

LTE-PF is a core system baseband processing and other basic functions in mobile communication devices. The platform's technology is expected to be licensed in mobile phone markets worldwide, where its adoption as a common platform will free manufacturers of mobile phones and chipsets from having to develop proprietary technologies for basic functions. As a result, manufacturers will get products to market faster and at lower costs, and will be able to concentrate more resources on the development of enhanced lineups of unique products.

The LTE protocol on which LTE-PF is based is currently being standardized by the 3rd Generation Partnership Project (3GPP). Seamless hand-off is possible between LTE and the current third-generation (3G) standards W-CDMA and GSM, meaning that users would be unaware of switching networks even while using their phones.

NTT Docomo is a mobile operator and provider of advanced mobile services. The company serves more than 55 million customers in Japan, including 48 million using i-mode, the popular mobile e-mail/Internet platform, and 50 million users of FOMA, the original 3G mobile service based on W-CDMA.

The Payment Card Industry Data Security Standard (PCI DSS) and HIPAA are driving encryption projects across industries, according to the 2009 Encryption and Key Management Benchmark Survey, conducted by research firm Trust Catalyst on behalf of Thales.

In the survey, which polled 655 IT professionals around the world, 53 percent of the U.S. companies responding said they are planning encryption projects to comply with HIPAA. Fifty-two percent of the European companies surveyed are planning encryption projects to comply with PCI DSS. Continuing a trend from the 2008 report, however, organizations continue to be at risk, with only 43 percent using database encryption and 41 percent using tape encryption.

As organizations plan to tackle compliance with encryption, they are spending more time and effort on key management planning. Thirty-four percent of respondents have now spent one year or more planning for key management issues, up from 26 percent last year. Driven by demands for business continuity and availability, 49 percent of organizations indicated they must be able to recover an encrypted database in one hour or less, up from 37 percent in 2008.

The study also found that 5 percent of organizations have experienced problems with a lost or compromised encryption key over the last two years. Key management errors or breaches resulted in 39 percent of these organizations losing data permanently or disrupting business operations.

"These results show clearly that two of the most important pieces of data -- a person's credit card details and their health records -- and the regulations designed to safeguard this data are the major drivers for companies to encrypt data," said Franck Greverie, vice president and managing director for the information systems security activities of Thales.

"The impact of a data breach is one of the main security headaches for CEOs and IT specialists alike, and regulation is already playing a role in terms of tightening data security," Greverie said. "The very nature of encryption means that data is secure even if many of the other enterprise security mechanisms fail, and regulators and industry will therefore grow to depend on encryption."

The first site in CalRHIO's statewide health information exchange (HIE) system is live in Orange County at Coastal Communities Hospital. As a result of collaboration between CalRHIO and the local HIE effort, the Orange County Partnership Regional Health Information Organization (OCPRHIO), 23 hospital emergency departments over the next five months will have secure electronic access to critical medical information.

HIE is a major piece of the Obama Administration's health reform initiative, and the focus of California is to develop a plan to apply for HIE federal stimulus funds. Initially, data will be provided on 380,000 patients enrolled in CalOptima, which covers people in Medi-Cal, Medicare and Healthy Kids. During 2010, more data sources will be added to the CalRHIO HIE, including prescription history, lab results and additional clinical claims information. Also, Orange County providers will have access to the data as well, in support of OCPRHIO and State of California strategic plans.

By leveraging CalRHIO's technology platform, provided by its technology partner Medicity, OCPRHIO chose not to incur the time and expense of building its own data exchange. Orange County physicians will be able to communicate with other doctors and hospitals across the state, as well as the national network.

"Our physicians and nurses are excited about having this new source of information," said Nova Stewart, OCPRHIO chair and CIO of Integrated Healthcare Holdings. Four Integrated Healthcare Holdings hospitals are the first to begin using the HIE system -- Coastal Communities Hospital, Western Medical Center Anaheim, Western Medical Center Santa Ana, and Chapman Medical Center.

"We believe that having access to patient data in the emergency department will enable us to better serve our patients," Stewart said.