The Texas Health CoLab Learning Series supports Austin’s health innovation ecosystem by offering classes, seminars and immersive workshops that are open to all Texas Health CoLab participants as well as the general public. Seminars usually occur the last Thursday of the month and are livestreamed to several locations across Texas.
This post is by Arushii Nadar, a WorkSpaces @ Texas Health CoLab intern.
For the November 2019 Learning Series event, Trevor Lind focused on creating a culture of confidentiality. Lind — a senior patent attorney at Schwegman, Lundberg and Woessner — began by talking about its importance, followed with common yet surprising circumstances that can cause information leaks and concluded with a brief how-to guide for building a culture of confidentiality.
Lind started by stating that the dictionary definition of confidential information is simply any information that is not desired to be public. For example, personally identifiable information is highly protected in the medical field. Lind said recognizing what information is confidential and how an information leak would impact individuals is key in creating a mindset that acknowledges the importance of confidentiality.
He illustrated confidentiality concerns using news articles about data breaches. One example was a company that accidentally published its own trade secrets on its website. Consequently, others were able to copy its techniques, and the company was powerless to stop them. Lind used this example to demonstrate retroactive, rather than proactive, behavior regarding confidentiality.
Lind also outlined two possible situations that arise with confidential information: Hostile sources conduct a data breach, or, more likely, a company accidentally releases information itself. People often overlook the second situation. While this type of leaks seems laughable, it can be quite common, especially if a large number of employees have editing power.
To prevent situations like this, Lind said companies need to be aware of information inflows and outflows, as well as any information the company generates. Since companies often manage large amounts of information, it is vital to have a plan before the business takes off. Lind compared it to trying to build a plane while flying: It’s difficult to create a plan for preserving confidential data after the company is thriving and has large amounts of information.
Lind also said regulatory framework largely varies by industry and there may be state, federal and international privacy laws to consider. However, according a Yale Journal of Law and Technology article, the main problem is that “companies cannot avoid privacy fiascos simply by following the law,” since rapid growth in technology far outstrips the pace at which new laws are created. Often companies’ actions were legal but the amount of personal information used made people uncomfortable, landing them in headlines. Lind reiterated the authors’ point that companies should reflect on whether their actions could be considered creepy from an outside perspective.
To conclude, Lind offered big-picture suggestions and practical tips to avoid security pitfalls. He encouraged companies to make confidentiality a priority starting at the top of the hierarchy, ideally at the beginning of the company’s journey. They also need to wisely allocate resources toward preserving confidentiality, including funds for information technology and cybersecurity personnel and possibly even cybersecurity insurance.
However, Lind said, “If we guard our toothbrushes and diamonds with equal zeal, we will lose fewer toothbrushes and more diamonds,” which highlights the importance of allocating resources effectively by evaluating risk. Lind also reminded the audience of the importance of simple tasks like using password-protected documents and encrypted communication channels.
Overall, Lind’s presentation was extremely informative and brought to light an important issue in today’s technology-driven world. He thoroughly explained possible causes and practical solutions to information leaks that can be applied across industries.
View the recording of Lind’s seminar to learn more.
To find out about upcoming seminars and to register, please visit the Texas Health CoLab Learning Series website.