When President-elect Barack Obama appoints a chief technology officer to the White House, he should make the new appointee a part of his senior economic policy team and the chief "evangelist" for innovation-spurring policies, the software and hardware industries say.
The Business Software Alliance, which represents companies like Microsoft, Hewlett-Packard, Cisco, and others, sent a letter to Obama last week with suggestions for what role the CTO should play in the administration. The BSA has taken other steps in the past week, such as meeting with the Homeland Security Secretary Michael Chertoff on Wednesday and releasing its 2009 policy agenda on Thursday, in an appeal to the next Congress and administration to integrate information technology solutions into its policy prescriptions, both in the short term and long term.
"When dealing with every major issue, there should be a question of what is the role of IT in providing the solutions," BSA CEO Robert Holleyman said Thursday.
The industry's goals are largely aligned with the president-elect's, Holleyman said, including Obama's proposal to push for increased adoption of health IT. New legislation and a new approach to cybersecurity is needed as well, BSA members said, to improve both the government's cyberinfrastructure and its communication with citizens regarding the security of personal information.
As lawmakers integrate IT measures into new legislation, they'll have to avoid some pitfalls, the BSA and its members warned. Health IT is seen as an "enormous opportunity" for the industry, Susan Mann, Microsoft's senior director for intellectual property policy, said Thursday. However, Congress needs to ensure there are adequate privacy protections in place and that the government does not end up with "a system of winners and losers."
Congress needs to "provide incentives for folks to invest and innovate in this area," she said, and "make sure all companies with solutions to bring to the table can compete."
Holleyman said the BSA has been working closely with Representative Pete Stark (D-Calif.) to ensure "we don't lock into place or fossilize a particular technology." Stark proposed health IT legislation that initially mandated an open source platform, Holleyman said.
"It would be mistake to say we're only going to look at open-source solutions," Holleyman said.
Ensuring electronic health records remain private is particularly tricky, Mann said, since the information by its very nature needs to be shared. However, strong privacy requirements for health records are already in place through the Health Insurance Portability and Accountability Act, said Kevin Richards, Symantec's federal government relations manager.
"I would encourage Congress to not reinvent the wheel," he said.
Securing information in cyberspace
He does, however, support reforming data breach notification law. Currently, 44 states have their own laws in place, making it difficult for software companies to comply with all of them.
"Next year you'll see a tsunami of data breach bills," Richards said. "A lot of these bills were introduced previously, but we believe the issue is ready for prime time."
The industry has been working to push the issue in numerous congressional committees and is advocating for Senate Majority Leader Harry Reid to consolidate all the data breach legislative efforts.
"The bogeyman of data security has been jurisdictional issues," Richards said.
The BSA has been working closely with the government to secure its cyberinfrastructure, and on Wednesday senior representatives from eight of its member companies met privately with DHS Secretary Michael Chertoff.
"Our industry has invested considerable resources into that partnership to protect cyberinfrastructure," said Franck Journoud, BSA manager of information security policy.
The public-private partnership, however, has been strained at times, he said.
"Sometimes it has worked really well, sometimes it hasn't worked well at all," Journoud said. "In some situations, we felt our ability to learn from DHS and the various entities involved in cybersecurity about policy development, and our ability to input into policy, was limited. Those policies can have a considerable impact on our ability to manage and operate that infrastructure."
While the BSA has voiced its support for the cybersecurity report produced by a Center for Strategic and International Studies commission, it has not taken a position on the report's suggestion to transfer cybersecurity responsibilities away from DHS to the White House.