< Continued from page 1

Question from About.com: William would like to know, with newly passed legislation requiring expanded reporting of income payments via Form 1099 in 2011 and 2012, is the administration going to implement any safeguards to protect taxpayers' personal information (i.e. names, address and Social Security number)? Shouldn’t the government be taking steps now in advance to protect its citizens?

Schmidt: That's a very good question.


We have just recently, with the Office of Management and Budget here at the White House, and the White House CIO, a great technologist and a great friend, Vivek Kundra, revamped some of the things of what we call FISMA, the Federal Information Security Management Act. Obviously we're not going to have any shortage of acronyms that we'll be using during this cast.

One of the things we looked at with FISMA was, what are the things we can do to better protect the personal information of our citizens? One of the changes we've made, for example, is that we're doing continuous monitoring. So if we identify a problem with an IT system, it's not a problem of coming back months later and correcting it. We can identify it on a real-time or near-real-time basis and fix the problem right away. It also puts the agencies in a position where they have a higher level of responsibility for data protection.

As I think we all recognize, when we start looking at why people attempt to intrude into systems, whether it's government or private sector, it's all about the data.

And so as we do more through FISMA, we do more through dedicated efforts on the behalf of the people who run our IT systems in the federal government, with a specific focus on proactively protecting that data before a system is intruded upon and then we have to go back and recover. We have a lot of good plans in place. We don't look at these as a one-time shot. We constantly adjust the technology. We constantly look for new ways to better protect that information.

Question from About.com: Christy asks, so many doctors offices and hospitals are now using portable devices and making patient records available online. What is being done to protect the privacy of our health records, and is there any way we can recover from (the inevitable) leaks of personal information?

Schmidt: That's a really good point. One of the president's key initiatives, the health IT initiative, is to be able to create electronic records for us to benefit no matter where we are in the country, to have the maximum benefit from the technology in the health industry. We actually have a program that's been run out of the HHS organization (Department of Health and Human Services) looking at how we can create this environment of environment of health IT records, but on the front end look to make sure we're protecting privacy and security in building out this architecture.

My office is leading that effort on the cybersecurity piece for the e-health records and e-health initiative. We're working with experts across the government and the private sector to make sure we have that mechanism in place, to make sure people don't wind up in a position where they become a victim. Once again, the idea is to proactively prevent this from taking place.