Tag Archives: MD

Developing an AI Training Plan for the Government Workforce

Posted on by

In talking about AI, there is a lot of discussion about "training the models"--feeding large amounts of data into an algorithm and then examining the results to ensure they are accurate. Once the models are deployed, the training does not stop for the models, and even more importantly, for its users.

A study from Deloitte estimates that generative AI could help boost productivity tenfold. However, this jump in efficiency will only be realized if AI and its outputs are being used correctly. Working with AI and AI-generated content requires a different set of skills that include critical thinking, algorithmic understanding, data analysis, deeper domain knowledge, cyber/data hygiene, and more. Continue reading

The Changing Identity of Identity Management

Posted on by

A key element of the move to zero trust is the use of "strong multi-factor authentication (MFA) throughout their enterprise." While identity management has been indicated by many as the "low hanging fruit" of a zero-trust journey, it is by no means easy. In fact, recent guidance from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) called it "notoriously difficult."

Key challenges to implementing MFA include:

  • Lack of standards - the CISA/NSA guidance pointed to confusion over MFA terminology and vague policy instructions as primary challenges to implementing more secure access. A joint committee of European Union (EU) and U.S. experts addressed this same issue in the Digital Identity Mapping Exercise Report, which aimed to define specific digital identity technical terminology. For example, the group found some definitions, such as "authoritative source" and "authentication factor," are identical between the U.S. and EU, whereas others, like "identity" and "signature," remain only partially matched.
  • Phishing - bad actors do not always hack the system; they hack the process, gaining entry through social-engineering tactics that grow more sophisticated by the day. The CISA/NSA report called on the vendor community to provide MFA services with additional investments and greater defenses against sophisticated attacks.
  • Rise of Generative AI - The Department of Homeland Security (DHS) is working to ensure technologies can determine if a submitted image is legitimate or a hacker's spoof. This "liveness detection" is needed to ensure that a submitted selfie is really a photo of a person, not a mask, photo of a photo, or other technique to try to get past the check.

Continue reading

Checking Up on Digital Health Solutions

Posted on by

The health industry has always leaned into emerging technologies to help it become more efficient and effective in delivering patient care. Like a doctor's stethoscope or an X-ray machine, today's digital solutions are part of a continuing evolution of medical tools that enhance and inform provider care. Of course, this use of technology must be thoughtful and careful not to replace doctors or their decisions with computer-generated suggestions.

The government's role of oversight into healthcare delivery is a careful balancing act of encouraging innovation while ensuring patient safety. From medical devices to artificial intelligence (AI), regulations are evolving to ensure healthcare gains efficiencies and insights from digital solutions while maintaining patient protections. In fact, the Food and Drug Administration recently created a new Digital Health Advisory Committee to help support the development of digital health technologies and their regulation. This committee will examine a wide variety of technologies and issues, including AI, cyber security, and equity in healthcare delivery. Continue reading

Department Spotlight: Veterans Affairs

Posted on by

Beyond its important mission of "caring for those who have served in our nation's military and for their families, caregivers, and survivors," the work of today's U.S. Department of Veterans Affairs (VA) is guided by a strategic plan that lays out agency goals to be achieved through 2028. The projects the VA initiates over the coming years will support the following goals:

  1. Consistently communicate with customers and partners to assess and maximize performance, evaluate needs, and build long-term relationships and trust
  2. Deliver timely, accessible, and high-quality benefits, care, and services
  3. Build and maintain trust through proven stewardship, transparency, and accountability
  4. Strive toward excellence in all business operations--including governance, systems, data, and management

Several recent programs illustrate the commitment that the VA has to meeting and exceeding these goals by 2028 and beyond. Continue reading

Understanding the State of State-Level IT

Posted on by

The National Association of State Chief Information Officers (NASCIO) annual member survey aimed to get a picture of what is currently happening in IT implementation at the state level. It focused on how states are funding their IT work and how they are implementing key technologies.

Show Me the Money

The survey found that state CIO offices have a median budget of $132 million, with high levels of federal funding resulting from the Coronavirus Aid, Relief and Economic Security Act, the American Rescue Plan, and the Infrastructure Investment and Jobs Act. But with the level of modernization needed to meet citizen expectations of digital government, that frequently is not enough.

States are increasingly moving to a "chargeback" model where IT funding comes from the business unit where it is used. For example, the Human Resources Department would be responsible for paying for the licenses and development costs of their HR information system, rather than that being seen as an overhead expense funded out of IT. This model allows CIOs to use more of their budget for large-scale IT modernization projects that stretch over many years and impact multiple departments. Continue reading