FDA Hacked | When Is a Database Nothing More than a Digital Filing Cabinet? (Part 1)

The title of this post is a well worn meme for CLOUD, but the recent hacking of the FDA’s systems forces yet another revisiting of the topic. Rather than asking lawmakers for the FDA to launch a third-party audit of its recent breach, “FDA Hacked, Drugmakers Want Proof that Proprietary Data is Safe,” PhRMA and BIO should ask that the architecture of data on the Internet itself be revisited. The current notions of a database are antiquated, and until we rethink the problem, we will have breaches like this one, the 40 million credit cards of consumers at Target and many, many others.
The simple problem is this. Current security models for databases are akin to building moats around castles, with the digital analogs of wider moats and more alligators used to increase security.  I am certain there are many definitions for a database, but I went  to trusty Wikipedia for this one. “A database is an organized collection of data.

Nowhere in this brief definition does it mention that the database has to be managed by a DBMS. Continue Reading →

Why the Noun Interoperability is Pointing Us in the Wrong Direction

Language is not only a way to communicate but also a glimpse into how we think. Our choice of words reveals the way in which we understand the underlying subject matter. This could not be more true than with the word, interoperability. It is not that interoperability isn’t a noble and worthy goal. The challenge is that it comes with assumptions. For something to be interoperable, it assumes that the “exchange” is occurring between two fixed systems. Our goal is to push things back and forth between these systems. In my mind, the more powerful piece of the definition of the adjective, interoperable, is the second part, “make use of information.”

If our goal is to make use of information, then current approaches to interoperability will simply not get us where we need to go.

Continue Reading →