(It is worth noting that the multibillion-pound national EMR project in the UK is on the ropes at present, in no small part due to similar leadership issues, with MP's in the UK calling for the program's dissolution, see "NHS IT 'would be better' without £6bn scheme.")
Early in informatics training it was made clear that de-identifying personal information required much more thought and consideration than simply removing names and ID numbers.
Below is an example of a major corporate mishap causing significant loss of corporate reputation and good will for AOL due to inappropriate leadership and a syndrome of inappropriate confidence in technologists:
I believe this story illustrates one of the risks of allowing information technology-centric personnel to lead information science projects, especially projects with sensitive social implications, instead of leadership by information scientists with true information science/library science/informatics training. Clinical IT (EMR, CPOE, decision support, etc) is a prime example of this problem.
AUG 22, 2006 06:53:46 AM
AOL on Monday announced steps it is taking to prevent another security breach like the one in which subscriber search query results recently were posted online.
Also Monday, the company accepted the resignation of its chief technology officer (CTO). Maureen Govern "has decided to leave AOL effective immediately," said Jon Miller, president of AOL, in an e-mail message to employees that was provided to the IDG News Service. Govern, who was named CTO in September 2005, oversaw the research division responsible for the data release. In addition, a researcher and a manager in the research area were fired, according to an AOL spokesman who declined to be named.
One lesson that should be learned from the AOL case is that mastery of information technology does not imply (and often precludes) mastery of information science. I believe this distinction has become blurred and even lost in industry. I have observed this same issue impair clinical computing projects, as well as pharmaceutical R&D (rationing of essential cheminformatics tools by leaders of solely an information technology background comes to mind).
It is stunning to observe that this issue is entirely missed in the press, which calls for more education on "information privacy" issues but misses the issue of core competencies and the distinction between IT and information science entirely.
It's as if surgery mishaps during operations performed by the surgical tool designers were critiqued only on the basis of the person doing the cutting needing more education on anatomy.
The credentials of this former AOL Chief Technology Officer, from google cache of the AOL bio:
As Chief Technology Officer, Maureen Govern, directs the company's technology agenda and ensures that technology strategy aligns with and supports AOL's business priorities. She also oversees a global organization responsible for development and engineering, network infrastructure, data centers, and internal business systems and computing. With a proven track record of managing technology services for large companies, Govern joined AOL in 2005 from Convergys Corp., a provider of world-class billing, customer care, and HR services. There she served as Chief Technology Officer and was responsible for technology leadership; identifying out front, disruptive technologies for the Convergys Customer Management and Information Management Groups; overseeing Convergys Labs, R&D, and IT infrastructure; and serving as spokesperson on technology issues.
Before joining Convergys, Govern served as Vice President of Advanced Technology Development for Motorola's Global Telecommunication Solutions Sector, and was responsible for Motorola's cellular architecture, performance analysis, and advanced radio and network technology development. Previously, she held senior positions at Bell-Northern Research and NYNEX Science and Technology. She began her career as a member of the technical staff at Bell Laboratories in 1978.Govern holds a Masters of Science in Operations Research from Stanford University.
Information science credentials, nil.
Addendum Aug. 23:
A colleague informs me that it was information science people in an information retrieval research group that released the data. They had previously published a paper about this data set at http://www.ir.iit.edu/~abdur/publications/pos-infoscale.pdf. The chain-of-command for ultimate sign-off on the release is unclear.
This raises one of two questions common to HCrenewal stories: a question of competence of the releasers, and/or a question of warnings of competent people perhaps being overruled by those of higher rank. It would not surprise me if the situation was the latter. This could explain the dismissal of the CTO.
Addendum Aug. 24:
Here is a link to an article with more information and more links about the AOL search data kerfuffle. The links within the article provide more information on the "information scientist" background of the apparent PI of this project:
... over 12 years of research and development experience in computer science. He has worked as both a researcher and a developer, which has given him a great perspective on balancing software design with innovation. During this time he has fifteen patent applications filed and over 70 publications in magazines, scientific conferences, journals and book chapters covering many computer science topics like networking, operating systems, system scaling, and information retrieval.
I have made the observation that:
While computers make excellent tools or vehicles for medical informatics work, they do not define the field, nor are they required in medical informatics. This helps to clarify a common misconception. Medical informatics is not the equivalent of "computers in medicine." Using a computer in some medical way, such as by publishing a web site on some medical topic or running a hospital MIS (management information services or "I.S.") department, does not necessarily make an individual a "medical informaticist."
The danger of releasing this type of search data, queries from a consumer search feature of AOL, are rather obvious. (Who has, for example, never typed their name or the names of friends and associates into a search engine?) I think the AOL case supports an extension to my observation:
Using a computer to do something with information does not necessarily make an individual, even one with a degree in computer science, an information scientist.
Medical informatics education, on the other hand, is primarily about creating competent information scientists. That is an important distinction that unfortunately is not well-understood in the healthcare industry.