Monthly Archive for February, 2009

Computer Safety for SSI Members

I recently received this message from a friend. I’ll call him Bill (not his real name):

My computer crashes have caused me to lose all my stored information.

When I called to assist him, I learned that he had purchased and plugged in his computer years earlier but had never properly installed a firewall, router, or anti-virus software.  Unknown to Bill, this left him completely vulnerable to Internet viruses, trojans, and worms that not only rendered his computer and bank accounts vulnerable to professional Internet hackers, but it also enabled his computer to attack his friends’ computers.

Since joining SSI and its Board last year, I’ve discovered that a large percentage of our highly-educated members are dumber than a box of dirt when it comes to Internet security.  (This will change as new doctors replace older ones).  Additionally, many of SSI’s members have been targeted by corrupted hospitals and medical boards.  SSI members should be aware that they have no “expectation of privacy” when it comes to university and HMO/PPO Internet connections, and multi-billion dollar healthcare or pharmaceutical companies aren’t above playing dirty if they suspect a disloyal, disgruntled, or disruptive employee.

If you’re being targeted for attack or dismissal, your Internet and email connections are a private investigator’s FIRST target and represent a significant vulnerability.  If you want to use a secure method for sending messages from a questionably-secure facility, Skype offers free encrypted voice, chat, and digital transfer capabilities that are difficult for employers to monitor.  In any case, it’s best to generate a private email service like Hushmail and communicate offsite.

I’ve posted my email to “Bill” so that our members can consider the information and protect themselves.

Dear “Dr. Bill”

I feel your pain. My first computer crashed in 1989 – I had stuff on that from 1982 when I bought my first computer. I’m still sick about that. I now use Acronis to back up my three computer drives onto a one-terabyte back-up drive. Although still painful, a crash will lose, at most, six days of data. There are also some good online backup services that work pretty good.

Unless you have a few years to develop computer security expertise, it’s best to find a reliable “computer guy” who you can trust. I live in Los Angeles and pay my computer guy $50/hour when I have problems. He lives nearby and he is efficient and knowledgeable. If you live in Portland, Springfield, or New York, you should not need to spend more than $50/hr. Pay him immediately and don’t give him trouble. If you’re rude and don’t pay immediately, he’ll either raise his rates or stop assisting you. Many high school and college kids know more than enough to set up your system safely. If you use CraigsList, ask for and call references first. When you find the right guy/or gal, treat him like family. He’s worth his weight in gold.

Once you’ve found your computer guy, tell him what you want.

As much as you use email and Google, your computer guy needs to install Spybot, Norton Antivirus, and Outlook: 

  1. Spybot is free and effective in protecting your registry and blocking hostile websites, but you’ll need to check it regularly for updates.
  2. Norton’s updates are automatic but require an annual $40 subscription. For 11 cents a day, Norton is a worthwhile investment.
  3. DON”T upgrade to Vista – it’s got a bad (and well-deserved) reputation. A new operating system is expected this fall that is basically Vista without the bugs.  I’m told that the beta-release works very well.
These services won’t prevent real talent from hacking into your machine, but it’ll protect you from 99.999% of the viruses, trojans, and worms that infest the Internet. XP has some good firewalls, but you’ll need a router (I use a wireless Linksys router) and a hexadecimal password like Ddk52f0Wq!

Some hard-core Mac users insist that they’re computers are invulnerable, but this is false. Although not susceptible to PC hacks, they also get hacked and phished when left unprotected.

Outlook will manage all of your email address in one place. Have your computer guy set up those things for you.

I also use Avant Browser. Firefox and others are just as good with powerful shortcuts and macros. Avant’s companion service, Roboform generates, saves, and manages all of your passwords. Many people make the mistake of using one username (Bob) and password (1234) for ALL of their computing needs. The problem with that is that if you get phished with your one name and password, that information will be used to attack your other hundred accounts – including Amazon, eBay, and your email. A hacker in Canada, Africa, or China could spend a lot of your money that way. Imagine the fun some kid would have logging into your email account and sending kiddy porn or viruses to all your friends and associates with YOUR NAME. But if you use Roboform to generate, save, and manage your names and passwords, getting phished once won’t clean out all of your other accounts.

This won’t protect you from all Internet-based threats, but like fences, doors, dogs, windows, and locks, it will greatly improve your defenses and computing ease.

Clark Baker is a licensed private investigator and SSI Board member. 

Stimulus Agreement Fails to Protect Federal Workers

(Washington, D.C) – The Government Accountability Project (GAP) today praised congressional negotiators for passing 2009’s first major whistleblower rights law as part of the $790 billion stimulus spending bill. The final stimulus package includes “best practices” anti-retaliation rights for any workers at recipients of the new federal spending. This includes contractors, grantees, and state and local government employees who work in programs that receive stimulus funding.
 
However, GAP expressed deep frustration at the conferees’ failure to extend whistleblower rights to federal government workers, who are best positioned to keep the spending honest. Senate conferees rejected a key, bi-partisan accountability provision, sponsored by Representatives Chris Van Hollen (D-Md) and Todd Platts (R-Pa), which the House had adopted without dissent.  The Platts/Van Hollen amendment is a much needed overhaul of the federal employee Whistleblower Protection Act. That whistleblower legislation had been approved overwhelmingly by the House in 2007 as well.
 
GAP Legal Director Tom Devine emphasized, “It is not too late for accountability. After nearly ten years of hearings and votes, there is no excuse to spend nearly a trillion dollars without safe passage for federal employees who risk their careers to keep it honest. Congress has more than enough time, though, to finish locking in best practice rights for federal whistleblowers before the money starts getting spent in 120 days. The politicians owe it to the taxpayers.”
 
By contrast, the final stimulus package includes state-of-the-art whistleblower rights for any recipients of the unprecedented spending. GAP Legislative Representative Adam Miles explained, “The stimulus law is a ‘best practices’ blueprint for modern contractor whistleblower rights. This accountability breakthrough for the taxpayers is the result of tireless efforts by Senator Claire McCaskill (D-Mo) and her staff. The Senator wisely recognized that the best means of protecting the taxpayers is to ensure that employees can speak out about waste, fraud and abuse in stimulus spending without fear of retaliation.”
 
The new law offers protection enforced by jury trials for contractor and state or local employees who challenge fraud, waste and abuse. The conferees did not address, however, the issue of state sovereign immunity, which means that the right to a jury trial in federal court by a state employee is uncertain at best.
 
The Government Accountability Project is the nation’s leading whistleblower protection organization. Through litigating whistleblower cases, publicizing concerns and developing legal reforms, GAP’s mission is to protect the public interest by promoting government and corporate accountability. Founded in 1977, GAP is a non-profit, non-partisan advocacy organization based in Washington, D.C. 
 
Dylan Blaylock
Communications Director, Government Accountability Project
202.408.0034 ext. 137; 202.236.3733 (cell)
1612 K. St, #1100   Washington , D.C. 20006
 
Interested in signing up for a daily GAP and whistleblower-focused news roundup? Email
Dylan Blaylock with the subject line “Subscribe” today!

Peer Review in a Nutshell

Peer review is a process by which members of a hospital’s medical staff review the qualifications, medical outcomes and professional conduct of other physician members and medical staff applicants to determine whether the reviewed physicians may practice in the hospital and, if so, to determine the parameters of their practice.

To encourage peer review, almost all states have granted immunity to participants in the peer review process from certain actions and have made the deliberations and records of medical peer review privileged from judicial disclosure. These laws protect peer review participants from liability for their participation in the peer review process and keep medical peer review information privileged even if such information is relevant and probative to a judicial proceeding. In granting these protections, legislatures have determined that limiting the rights of physicians to seek damages for peer review actions and denying malpractice plaintiffs and other litigants information relevant to their lawsuits are justified in order to encourage effective peer review.

In 1986, congress enacted the Health Care Quality Improvement Act (HCQIA), a federal law that provides protection from liability to healthcare institutions and physicians involved in peer review, as long as certain conditions are met during the peer review process. The law also established the National Practitioner Data Bank, a repository of actions taken against physicians, to which healthcare institutions must report those actions. The purpose was to prevent incompetent physicians from moving between states without being detected. An entry against a physician in the Data Bank can be equivalent to a death sentence, since it makes it very difficult for a physician to obtain privileges at any other hospital, since the latter verify applicants’ credentials with the Bank prior to granting or renewing privileges. The physicians are often left with no choice but to abandon their profession and obtain unrelated jobs.

Since HCQIA went into effect in 1989, thousands of adverse reports have been filed with the Data Bank. Unfortunately, a large number of the actions reported have been taken maliciously by hospitals and their medical staff against the physicians subjects of the peer review. The motives are usually economic in nature, but also include retaliation against whistleblowers, personal spite, and even disputes over a parking space. This process has been dubbed sham peer review, has now become a powerful weapon in the hands of hospitals and those physicians who hold the political power in hospitals, and is being misused nationwide. Many lawsuits against the perpetrators have been filed by the victims, but very few of them survived a summary judgment because of the immunity provided by HCQIA and because the conditions that need to be fulfilled for a peer review to be considered adequate, as defined by HCQIA, are very vague.

The award in August 2004 of $366 million to a physician by a Federal Jury in Texas for a single bad faith peer review highlights that this practice is adding tremendous cost to healthcare.

The use of bad faith peer review as an instrument to further widespread political corruption in Georgia shows the destructive nature of bad faith peer review, and the potential terrible consequences on the public. Georgia Senator Charles Walker has been indicted on 142 felony counts for stealing from Georgia hospitals. His scheme used bad-faith peer review to silence any staff member who spoke out. The effects of this corruption on Georgia are widespread.

No one can seriously believe that bad faith peer review affects only doctors. All of society is badly harmed when huge hospitals rip off the public, silence their doctors, impair medical care and essentially destroy the system designed to protect patients.

A review of 1000 cases conducted by Verner Waite, MD, FACS, founder of the Semmelweis Society, shows that at least 80% of peer reviews are initiated for economic reasons, and are not done in good faith. This is the most comprehensive review currently known. Upon review of these cases, the officers of Semmelweis find that due process in peer review is the exception, rather than the rule. It is rare to find any hospital that uniformly applies standards of peer review to the members of their hospital staff. As a result, thousands of physicians have lost their careers without any due process.

Bad faith peer review against one physician can silence hundreds of physicians and place physicians’ livelihoods at extreme risk. It is estimated that 9 out of 10 physicians exposed to bad faith peer review never work again as physicians. It is also estimated based on extensive experience and review of the literature that 1 out of 5 physicians exposed to bad faith peer review commit suicide. Bad faith peer review is a greater challenge to the practice of ethical medicine than the malpractice crisis.

The State Boards of Medicine, which oversee physicians’ licensure, have uniformly refused to interfere or take action against the perpetrators for puzzling reasons, not considering this practice a breach of the ethics of Medicine.

Many voices have condemned this abuse of the system and have called for reforms of the HCQIA to no avail. The most prominent of those are the Semmelweis Society International, the Center for Peer Review Justice and the Association of American Physicians and Surgeons. In October 2004, both the Pennsylvania Medical Society and the Association of American Physicians and Surgeons have separately passed resolutions to investigate bad faith peer review. The two physician groups said they plan to independently look into the misuse of hospital peer review proceedings as a way to retaliate against doctors who advocate too loudly or too persistently for better patient care. In both cases, the resolutions were passed by acclamation.

The resolution of the Pennsylvania Medical Society calls on the medical society to “explore all aspects of sham (bad faith) peer review and explore ways to prevent the misuse of peer review” including looking into “applicable laws and steps that can be taken to protect physicians’ rights to advocate for quality patient care.”