In August 2013, Affinity Health Plan paid a $1.2 million fine to the United States Department of Health & Human Services due to a data breach of protected health information (PHI). The culprit was not a hacker or a stolen laptop as is often the case with health records. Rather, it was discarded photocopiers.
The modern photocopier is not simply a device for generating paper. It is also an electronic record repository containing a hard drive. The breach occurred due to Affinity Health Plan’s personnel not understanding this reality of the machine. When Affinity Health returned multiple photocopiers to leasing agents without erasing the data contained on the copier’s hard drive, it impermissibly disclosed the protected health information of 344,579 of its 409,000 members and had to notify them regarding the breach.
This breach emphasizes the need for attorneys, records managers, information security and data privacy professionals to have a better understanding of the sources of data within modern organizations and the outputs that are created by the devices. The need for this understanding of the outputs created by devices that we had not previously thought of creating digital footprints is more of a necessity with each passing day. We are moving at a breakneck pace into the Internet of Things (IoT) or Internet of Everything (IoE). Failure to prepare will lead to embarrassing results such as security and privacy data breaches, spoliation of evidence needed for litigation and investigation, and having game changing, case determinative evidence revealed during the discovery phase and/or at trial.
IoT or IoE refers to the next phase of the internet that is rapidly developing. IoT or IoE is the product of sensors, technology and networking all coming together to allow buildings, infrastructure and other resources to swap information. We are entering the world of George Jetson. For an excellent description of the coming interconnected and programmable world, I highly recommend Bill Wasik’s excellent piece for Wired. Wearable technology in the form of Google Glass, smart watches, and the Fitbit, the automated home and bio-electronics prevalent in the modern hospital and medicine are all examples of devices that will make up the IoT.
ABI research states that there are currently 10 billion devices connected to the internet. Estimates vary as to how many devices will be connected to the internet by 2020. ABI research and IDC estimate it will be 30 billion internet connected devices. Cisco systems puts the estimate at 50 billion and Morgan Stanley estimates 75 billion. It is going to be a huge market. IDC estimates the market to be $8.9 trillion by 2020. On January 13, 2014, Google announced its purchase of Nest Labs, maker of smart thermostats and smoke detectors founded by iPod developer Tony Fadell, for $3.2 billion cash. Speaking from personal experience, the Nest products are amazing and allow you to run a much more efficient and safer home.
The takeaways for lawyers, eDiscovery and information governance gurus, records managers and data security and privacy professionals is the following. We live in a noisy, Big Data world. We face danger when information growth outpaces our understanding of how to process it. When faced with this challenge, humans typically rely on cognitive biases. Reliance on cognitive biases can result in dire consequences in the privacy and litigation realms. Data is noise. Noise distracts us from the truth and discovery of knowledge. Lawyers are persuaders. To persuade effectively, lawyers must have knowledge of the law, knowledge of the case and build systems to deliver the knowledge efficiently. The processes and technologies we utilize must help us find the signal or the real useful knowledge amongst this sea of noise that is our Big Data world.
At cicayda, we are lawyer owned and operated and have over 150 years of combined litigation, eDiscovery and information retrieval experience. We know the job of lawyering and that the critical skills of the trained legal mind will always be a necessary part of the process. We have been in the courtroom and seen star witnesses wilt under the assault of cross-examination. We have sat in depositions where the documents that change everything have been presented to the other side. We have held meet and confers and appeared at case management conferences, collected and preserved evidence, planned cases and proactively built systems to achieve the desired outcome for our clients.
Through this blog, we will explore the IoT and IoE as its develops in 2014 and beyond. This is a requirement for us to meet our goal of providing better, faster, affordable, and always reliable services at a transparent and certain price. By doing so, we can empower you, the intelligent lawyers, to continue to provide high quality and efficient services that your clients demand in challenging times.
By Guest Blogger: Cicayda