Tag Archives: it

The Hiring Process & Social Media

Social media has blossomed in the past few years beyond what many could have imagined. Today, it seems that many people engage others on the internet and social media without regard to their own personal privacy. Additionally, according to Jones and Behling (2010), privacy settings within social media applications tend to be complex, which inhibits their effective use by privacy-minded users. The result is an open and rich source of personal data, the problem of which is context.

I view social media as personal advertising where, unless specifically stated in the terms of service, the information posted by others is considered to have entered the public domain; others may view social media in the light of property rights where, although many people might not lock their front door, the invitation to invade the space is not assumed (Rosen, 2009). Regardless of personal views, information seekers need to be mindful of three things: 1) the terms of service for using the application resources, 2) the privacy policy in effect for using the application resources, and 3) the context of entries and the audience each entry is meant to reach (Jones & Behling, 2010; Rosen, 2009). Considering that the personal data made available on social media applications is not typical of allowable employment interview scenarios, employers need to be mindful that searching out this information may lead to unethical and illegal hiring practices (Fallon & McConnell, 2007; Jones & Behling, 2010; Rosen, 2009). Still, employers use social media to further vet applicants (Jones & Behling, 2010). Another consideration along similar lines is the use of generic web-based searches that could uncover similar information (Rosen, 2009).

In the case study provided by Coutu (2007), Virginia performed an internet search on Mimi and know suffers the problem that one cannot unknow knowledge. Additionally, Virginia know feels ethically compelled to share this information with Fred, the CEO. While this information would not be pertinent in the hiring process of a line employee, staff employees require more scrutiny, especially those that are being vetted for significant leadership positions. Rosen (2009) states, “employers do have broader discretion if such behavior would damage a company, hurt business interests, or be inconsistent with business needs” (para. 15). With this in mind, I tend to consider the paradigm of privacy practices when confronted with public officials and celebrities. A public head of a company or division might not have the same expectations of privacy afforded to a typical job applicant, but this would be a question for lawyers, as Mimi alludes to in the case study.

Basing the decision to investigate Mimi via Google on the general welfare of the organization, I would recommend allowing Mimi to defend her position in order to minimize bias and assumption. Two questions could be asked of Mimi that may allow her to mitigate concerns stemming from the search: 1) Regardless of any past pretenses, do you feel that you can represent this company appropriately if faced with issues regarding international politics? 2) Do you have any concerns about operating effectively within a political environment, such as China? Asking these questions, however, assume that the legal ramifications have been assessed and that they have been deemed appropriate for these particular circumstances. Ultimately, however, the decision lies with Fred to formulate a team that he feels can further the goals of the organization. He may consider the search results inconsequential and hire Mimi regardless of these findings, which would also be appropriate.


Coutu, D. (2007). We Googled you. Harvard Business Review, 85(6), 37-41.

Fallon, L. F. & McConnell, C. R. (2007). Human resource management in health care: principles and practice. Sudbury, MA: Jones & Bartlett.

Jones, C. & Behling, S. (2010). Uncharted waters: Using social networks in hiring decisions. Issues in Information Systems, 11(1), 589-595.

Rosen, L. (2009, September 15). Caution! – Using search engines, MySpace or Facebook for hiring decisions may be hazardous to your business. Retrieved from http://www.esrcheck.com/articles/Caution-Using-Search-Engines-MySpace-or-Facebook-for-Hiring-Decisions-May-Be-Hazardous-to-Your-Business.php

Electronic medical records:

The Push and the Pull

Increasing safety and efficiency in medicine can only lead to an increase in health care quality, right? Some might not agree, especially when it comes to the implementation of electronic medical records (EMRs). There is a federal effort to ensure all medical records are in digital format by 2014, and supporters of EMR technology laud their effectiveness at minimizing medical errors, keeping records safe, facilitating information portability, and increasing cost-efficiency overall (The HWN Team, 2009; Preidt, 2009). Unfortunately, many are skeptical of the cost, security, and utility of such systems (Brown, 2008; The HWN Team, 2009; Preidt, 2009; Terry, 2009). These concerns (and others) are dramatically slowing the pace of EMR adoption, especially in smaller private practices where cost is a significant issue (Ford, Menachemi, Peterson, & Huerta, 2009).

Does EMR adoption actually increase safety? As Edmund, Ramaiah, and Gulla (2009) point out, a working computer terminal is required in order to read the EMR. If the computer system fails, there is no longer access to the medical record. This could be detrimental in a number of cases, especially when considering emergency medicine. Edmund, Ramaiah, and Gulla also describe how difficult it can be to maintain such a system. With this in mind, it is plain that as the system ages there will be more frequent outages and, therefore, more opportunity for untoward effects. Further, recent research shows how EMRs enforce pay-for-performance schemes that many U.S. physicians resent. McDonald and Roland (2009) demonstrate that physicians in California would rather disenroll patients who are noncompliant when reimbursed under pay-for-performance models enforced by the EMR software. Declining to treat patients who express their personal responsibility and choice in their own medical treatment cannot improve the effectiveness of safety in the care that they receive.

There needs to be a middle ground. Baldwin (2009) offers some great real world examples of how some hospitals and practices use hybrid systems to ensure effectiveness and quality while enjoying the benefits of digital records. According to Baldwin, there are many concerns to account for when considering a move from an all paper charting system to an all digital system. Many times, these concerns cannot be allayed and concessions between the two systems must be made. Brown (2008) suggests providing a solid education to the front-line staff regarding EMR implementation, and hence, obtaining their ‘buy in’ to the process to create a smoother transition to implementation. However, this does not address the safety concerns. Baldwin’s advice to analyze which processes should be computerized allows a solid business approach to EMR implementation, allowing some processes to remain paper-based if it makes sense to do so.


Baldwin, G. (2009). Straddling two worlds. Health Data Management, 17(8), 17-22.

Brown, H. (2008, April). View from the frontline: Does IT make patient care worse? He@lth Information on the Internet, 62(1), 9.

Edmund, L. C. S., Ramaiah, C. K., & Gulla, S. P. (2009, November). Electronic medical records management systems: an overview. Journal of Library & Information Technology, 29(6), 3-12.

Ford, E. W., Menachemi, N., Peterson, L. T., & Huerta, T. R. (2009). Resistance is futile: But it is slowing the pace of EHR adoption nonetheless. Journal of the American Medical Informatics Association, 16, 274-281. doi:10.1197/jamia.M3042

The HWN Team. (2009, March). Electronic medical records: the pros and cons. Health Worldnet. Retrieved from http://healthworldnet.com/HeadsOrTails/electronic-medical-records-the-pros-and-cons/?C=6238

McDonald, R. & Roland, M. (2009, March). Pay for performance in primary care in England and California: Comparison of unintended consequences. Annals of Family Medicine, 7(2), 121-127. doi:10.1370/afm.946

Preidt, R. (2009, December 16). Pros and cons of electronic medical records weighed. Business Week. Retrieved from http://www.businessweek.com/lifestyle/content/healthday/634091.html

Terry, N. P. (2009). Personal health records: Directing more costs and risks to consumers? Drexel Law Review, 1(2), 216-260.

Hacking Cyberterrorism

Although not particular to cyberterrorism, for this discussion I have chosen hacking as a type, or means, of cyberterrorism. Hacking covers virus loading and denial of service attacks, also. In order to carry out a cyberterrorism attack, it must be based on some sort of hacking. First, however, we must agree on the definitions of hacking and cyberterrorism. US Legal, a website dedicated to providing legal reference, broadly defines hacking as “intentionally accesses a computer without authorization or exceeds authorized access” (Computer hacking law & legal definition, n.d., para 1). Cyberterrorism is, according to Denning (2006):

…[H]ighly damaging computer-based attacks or threats of attack by non-state actors against information systems when conducted to intimidate or coerce governments or societies in pursuit of goals that are political or social. It is the convergence of terrorism with cyberspace, where cyberspace becomes the means of conducting the terrorist act. Rather than committing acts of violence against persons or physical property, the cyberterrorist commits acts of destruction or disruption against digital property. (p. 124)

Arguably, in order to use a computer system to do any of the above, it involves hacking, but without hacking, there can be no cyber- component to cyberterrorism, which leaves mere terrorism. Fortunately, using these definitions, there has never been a cyberterrorism attack ever in history (Brunst, 2008; Conway, 2011). Brunst (2008) goes further using the term terrorism to include the planning (and, even pre-planning) phases of an event. I disagree with this tact in scholarship. Brunst fails to provide the distinction between cybercrime and cyberterrorism. Thinking simply, having a Facebook account in order for ease of communication does not amount to meeting for coffee. Messaging a friend on Facebook and organizing a meeting does not constitute meeting for coffee. The act of two or more persons meeting for coffee is a conventional one, however it was planned. This is the same with terrorism. I argue that, although much planning and radicalization can occur using computer networking (e.g. Facebook, MySpace, general information websites, et al.), any terroristic act that stems from such organization would still be considered conventional terrorism unless the act, itself, is described as being technological in nature (Conway, 2011).

There is potential for a cyber-attack to generate fear, economic impact, and the loss of life. This is why we concentrate on security measures to ensure difficulty in accessing systems without proper credentialing, rapid identification and response to active intrusions and threats, and recovery techniques to identify and repair data, networks, and nodes that were involved. For this reason, networks are designed with human redundancy. Human redundancy, as Clarke (2005) explains, integrates human decision points within a technological operational structure in order to detect, indicate, explain, and correct an error. Additionally, infrastructure, a commonly regarded target by the experts, tends to be resilient by its own nature making cyber-attacks inefficient and ineffectual (Conway, 2011; Lewis, 2002; Wilson, 2005)


Brunst, P. W. (2008). Use of the internet by terrorists: A threat analysis. Responses to Cyber Terrorism, 34(1), 34–60.

Clarke, D. M. (2005). Human redundancy in complex, hazardous systems: A theoretical framework. Safety Science, 43(9), 655-677. doi:10.1016/j.ssci.2005.05.003

Computer hacking law & legal definition. (n.d.). US Legal. Retrieved from http://definitions.uslegal.com/c/computer-hacking/

Conway, M. (2011). Against cyberterrorism: Why cyber-based terrorist attacks are unlikely to occur. Communications of the ACM, 54(2), 26-28. doi:10.1145/1897816.1897829

Denning, D. (2006). A view of cyberterrorism five years later. In K. E. Himma (Ed.), Internet security: hacking, counterhacking, and society (pp. 123-139). Sudbury, MA: Jones and Bartlett.

Lewis, J. A. (2002, December). Assessing the risks of cyber terrorism, cyber war and other cyber threats. Washington, DC: Center for Strategic and International Studies. Retrieved from http://www.steptoe.com/publications/231a.pdf

Wilson, C. (2005, April 1). Computer attack and cyberterrorism: Vulnerabilities and policy issues for Congress (CRS Congressional report No. RL32114). Retrieved from http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA444799&Location=U2&doc=GetTRDoc.pdf

Cyberterrorism vs. WMD

Perhaps in an Orwellian society where computers are independant and there is very little human-to-computer interaction could a cyberterrorist cause such an impact as to be equal with a weapon of mass destruction. This is not true, however, regarding the technology of today. According to James Lewis (2002) from the Center for Strategic and International Studies, “cyber attacks are less effective and less disruptive than physical attacks. Their only advantage is that they are cheaper and easier to carry out than a physical attack” (p. 2). Studies of the implementation of efforts to reduce the effectiveness of infrastructure during war show a resiliency that is poorly respected. Redundant systems in conjunction with a focused human response provides mitigation to reduce the impact of disruptive efforts on infrastructure (Wilson, 2005). It seems the more important the system, the larger and focalized the response.

The northeast blackout of 2003 provides a decent case study, although the cause was a systems failure and not related to terrorism. According to the article by Minkle (2008), within an hour and a half, 50-million subscribers lost power in eight states and parts of Canada for a few days, yet it only contributed to about 11 deaths within the affected area. While the impact was significant, geographically, it was more or less a nuisance for most people.


Lewis, J. A. (2002, December). Assessing the risks of cyber terrorism, cyber war and other cyber threats. Washington, DC: Center for Strategic and International Studies. Retrieved from http://www.steptoe.com/publications/231a.pdf

Minkle, J. R. (2008, August 13). The 2003 northeast blackout — five years later. Scientific American. Retrieved from http://www.scientificamerican.com/

Wilson, C. (2005, April 1). Computer attack and cyberterrorism: Vulnerabilities and policy issues for Congress (CRS Congressional report No. RL32114). Retrieved from http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA444799&Location=U2&doc=GetTRDoc.pdf

Using Intelligence in ePCR Database Design

The intelligence of a database design begins with the intelligent approach in which the developer focuses on the particular need the database is to fulfill. It is especially important to constrain, or specialize, a database used in health care, else the database can quickly grow beyond the bounds of efficiency. Efficiency can be found directly from table design, and it can be further achieved with business rules and logic. Designing a database for storing patients’ medical records also has some risk of increasing the likelihood of medical errors and statistical incongruities if done improperly; therefore, a qualified database administrator should be consulted (Campbell, 2004; McGlynn, Damberg, Kerr, & Brook, 1998). However, a preliminary needs assessment can be accomplished by asking a few simple questions: Who? What? Where? Why?

Who needs to use the database? For whom is the data useful? By identifying the scope, or domain, of each database user, the developer can gain a sense of which data points are important (McGlynn et al., 1998; Thede, 2002). For instance, in health care, a purely diagnostic database should efficiently offer comparative differential diagnoses to aid a physician in caring for patients; however, a database of this type will not offer much to the administrative arm of the practice. By understanding the relationship between physician diagnosis and billing, relational techniques can serve to ensure greater accuracy in billing procedures.

What data needs to be stored and retrieved? By listing the specific data to be stored, the developer has an opportunity to optimize the storage methods by creating an efficient and normal relational table foundation (Kent, 1983; Sen, 2009). A patient care reporting database, for instance, must be able to store patient identifying information, or demographics. Depending on the specific needs of the practice, demographic data can usually be stored in a single table. Other relational tables could be used to store references between the patient demographic record and pertinent medical information, thereby minimizing duplication (Thede, 2002).

From where does the data need to be accessed? Does this database require authentication for use on a local area network or a complex security policy for wide area network access (Campbell, 2004; McGlynn et al., 1998)? More importantly, however, is portability of the data. If the data is going to be replicated in a large composite database, the data needs to meet the specifications of the repository. This is often achieved by the publication of a template, or a clear set of directives on how data is to be formatted before transmitting data to the repository. An example of this is the Medicare electronic records requirements set forth in the Health Insurance Portability and Accountability Act (HIPAA) of 1996. By accounting for common templates in the design phase, the developer can avoid having to parse data prior to transmitting the data over the network.

Why are we storing the data? Today, it is very common to store data if merely for purposes of recording an interaction, such as a patient contact. However, it is important to understand how the data will be used in the future. Will the data need to be immediately accessible, such as in emergency or critical care areas, or could the data be compiled and batch processed during times of off-peak network load, such as in billing or logistics. Could paper reporting fulfill the immediate need better? If so, should the data on the paper report be entered in a database later? Regarding transcription, it is important to be knowledgeable about the available technology for creating scanned images, portable electronic documents, and the use of optical character recognition in order to properly prepare for the storage of each.

By answering the who, what, where, and why of the database needs assessment, we ultimately answer the question of how to design and implement the database. As an example, in order to design an ambulance run form, we must take into consideration demographics, the history of present illness (or, the reason for the ambulance request), past and pertinent medical history, including, but not limited to: medications, past medical problems and surgeries, and allergies to medications and environment. It is also important to store the assessment, care, and outcome, as well as the disposition of the incident and the destination facility. Additionally, medical standards, such as diagnostic codes, medications, protocols, and algorithms, could be stored in reference tables for preventing redundancy within the data model (Kent, 1983; McGlynn et al., 1988; Sen, 2009, Thede, 2002). Ambulances are mobile; therefore, network access is an important consideration when designing an electronic ambulance patient care reporting database. For this type of database schema, I would recommend using a small, efficient database locally with a mechanism in place to replicate the data to the larger repository when the network is accessible.

Another challenge in creating a database is learning how not to store information. Information is made of of data, but only data should be stored (Collins, 2009). Programming logic can be used to synthesize data into information and, further, into knowledge. Many database designers mistakenly store information, or even knowledge, quickly inflating the size of the database and decreasing its efficiency and normalcy (Kent, 1983; Sen, 2009).

In conclusion, developing an electronic patient care reporting database for a physician practice has some inherent risk if done poorly; however, a knowledgeable member of the office team can highlight the project requirements by performing the needs analysis.


Campbell, R. J. (2004). Database design: What HIM professionals need to know. Perspectives in Health Information Management, 1(6), 1-15. Retrieved from http://www.ncbi.nlm.nih.gov/

Collins, K. (2009). Managing information technology. Exploring Business (pp. 122-130). Retrieved from http://www.web-books.com/

Health Insurance Portability and Accountability Act (HIPAA) of 1996, P.L.104-191. (1996).

Kent, W. (1983). A simple guide to five normal forms in relational database theory. Communications of the ACM, 26(2), 120-125. Retrieved from http://www.bkent.net/Doc/ simple5.htm

McGlynn, E. A., Damberg, C. L., Kerr, E. A., & Brook, R. H. (1998). Health information systems: design issues and analytical applications. Retrieved from http://www.rand.org/pubs/monograph_reports/2007/MR967.pdf

Sen, A. (2009, May 7). Facts and fallacies about first normal form. Retrieved from http://www.simple-talk.com/sql/learn-sql-server/facts-and-fallacies-about-first-normal-form/

Thede, L. Q. (2002). Understanding databases. In S. P. Englebardt & R. Nelson, Health care informatics: an interdisciplinary approach (pp. 55-80). St. Louis, MO: Mosby.

Information Theory in Health Informatics

Contemporary information theory has its roots in the development of telephony. During the middle of last century, an engineer at Bell Telephone Laboratories, Dr. Claude E. Shannon, innovated information theory by extending the mathematical observations of Boltzmann, Szilard, von Neumann, and Wiener in the area of physics, quantum mechanics, and particle physics (Weaver, 1949). Dr. Shannon, however, applied the theory to communication technology, introducing entropy to the theory (Nelson, 2002; Weaver, 1949).

Weaver, who worked at the Sloan-Kettering Institute for Cancer Research, adopted Shannon’s technical message transmission observations and adapted them with his understanding of the semantics of a messages meaning (as cited in Nelson, 2002). Shannon and Weaver’s Information and Communication Model details both the components of a message and the requirements of delivery. An example, as it would relate to health care informatics, would be when a nurse charts a patient’s medical history by encoding it via a desktop client application and the same data is viewable by the same nurse at other computer terminals, other nurses, and the treating physician. The data is also stored along the communication pathway for future retrieval and delivery when the patient presented again. Though this example satisfies Shannon, if the intended recipient were blind, the information shown on a computer screen would be meaningless, according to Weaver, and would indicate a limitation to overcome.

Evaluating hospital information systems developed, in part, from the Shannon and Weaver model, Bruce I. Blum (1986) conducted analysis of object (data, information, and knowledge) processing in both hospital and ambulatory care settings. He concluded that system designs should reflect the artificial delineation between these three types of objects and that these systems will benefit practitioners and patients by improving the overall health care process. Blum (1986) called for the “integration of existing systems with medical knowledge and knowledge-based paradigms” (p. 797) in order to have a positive impact on health care delivery in the coming decades.

Information theory is concerned with the adaptability of a message through a particular channel for optimum transmission. In health informatics, as Blum (1986) points out, information theory can be a benefit by improving “[1)] structure — the capacity of the facilities and the capacity and qualification of the personnel and organization, [2)] process — the changes in the volume, cost and appropriateness of activities, [and 3)] outcome — the change in health care status attributed to the object being evaluated” (p. 794). The major challenges, however, would be initial implementation and acceptance (Blum, 1986).


Blum, B. I. (1986). Clinical information systems. The Western Journal of Medicine, 145(6), 791-797. Retrieved from http://www.ncbi.nlm.nih.gov/pmc/articles/PMC1307152/pdf/ westjmed00160-0055.pdf

Nelson, R. (2002). Major theories supporting health care informatics. In S. P. Englebardt & R. Nelson (Eds.), Health care informatics: An interdisciplinary approach (pp. 3-27). St. Louis, MO: Mosby.

Weaver, W. (1949, September). Recent contributions to the mathematical theory of communication. Retrieved from http://academic.evergreen.edu/a/arunc/compmusic/ weaver/weaver.pdf

Implementing an EMR system

Electronic records streamline the flow of many of the components of patient care. EMRs and ePCRs are very useful in lowering costs, simplifying business processes, and increasing patient safety, as well as overall efficiency, if implemented correctly (Smith, 2003).

Currently, I work as a critical care paramedic providing patient care in acute settings, whether prehospital of interfacility. Within this capacity, I also teach classes to other health care providers, including first responders, emergency medical technicians, paramedics, nurses, physicians, and allied health personnel. I am familiar with the concepts of electronic patient care reporting (ePCR) and the importance and utility of electronic medical records (EMR); however, the only means of electronic reporting available in my capacity as a paramedic is poorly developed ePCR software coupled with intermittent network connectivity, so I still choose to utilize paper reporting. My part-time job with a local municipal ambulance provider relies on a widely available third-party ePCR system that seems to work well. I do utilize this ePCR system when working for this provider.

I have also gained experience with information technology and object-oriented programming concepts while developing platform-independent, client-server distributive applications designed for the internet and intranets. I also have experience with Windows and Unix/Linux platforms.


Smith, P. D. (2003). Implementing an EMR system: One clinic’s experience. Family Practice Management, 10(5), 37-42. Retrieved from http://www.aafp.org/fpm/2003/0500/p37.html

Revisiting My Goals

When I applied to Walden University, there were some choices that I needed make in regards to which program I would enroll in. I relied on my past experience and some of my current goals to direct me to the Bachelor of Science degree in Computer Information Systems (BSCIS) with a concentration in Information Systems Security (ISS), a process which truly motivates me. Revisiting my goals and lending them power to help navigate the world of academia, I needed to ensure that these goals still held true. The first assignment in the Introduction to Information Systems class afforded me the opportunity to do just that, while this assignment will allow me to review my goals once again.

My affinity towards positive social change (Schadone, 2009) is unwaivering, as is my desire to achieve a position in the field of disaster management. I do feel, however, that my chosen degree program is ill-prescribed to prepare me for such ambitions. Though there has been a great incentive to involve the engineering sciences into public policy administration (Connolly, 2009), my experience with the BSCIS degree, even with the ISS concentration, leads me to believe that the curriculum does not satisfy my current needs or goals. I do believe that a career in Information Systems Security would provide an opportunity to reach many of my goals, but other academic directions would provide a more solid foundation for me to build upon.

As of this writing, I have decided to research other avenues of academia which might be better suited to providing the core educational opportunities that would benefit me the most. I have decided that the B.S. in Health Studies with a concentration in Health Administration would be a better fit at this time. I hope to use this degree to propel me forward into an opportunity to earn an MPH with a concentration in Emergency Management and, ultimately, a Ph. D. in the same.

As the H1N1 influenza virus reminds us all about the 1918 “Spanish Flu,” there is an undertone of personal responsibility and preparedness in the event of a pandemic (Bornstein & Trapp, 2009), of which conditions are favorable. I plan to take personal responsibility in this and other potential disasters to position myself as an expert in the field helping to promote plans and policies to mitigate and respond effectively to such incidences. Though, I am versed in the computer sciences, I feel that my position as a health official would be better utilized in these times of crisis. Perhaps one day in the future I will return my focus on computing, but until then, my social conscience and sense of community seem to be my only defining factors.


Bornstein, J., & Trapp, J. (2009, June). Pandemic Preparedness: Ensuring Our Best Are Ready to Respond. IAEM Bulletin, 26(6), pp. 6, 14. Retrieved August 22, 2009, from http://www.iaem.com

Connolly, J. (2008, September). Bridging the gap between engineering and public policy: A closer look at the WISE program. Mechanical Advantage, 19. Retrieved August 22, 2009, from http://www.asme.org

Schadone, M. F. (2009). Information Systems and Me: My Professional and Career Goals. Minneapolis, MN: Walden University.

A Datastore Discussion

O’Brien and Marakas (2007) explain the importance of disaster recovery in regards to a company’s computing resources, “Many firms could only survive a few days without computing facilities. That’s why organizations develop disaster recovery procedures and formalize them in a disaster recovery plan.” This is the basis of the business plan submitted in a subsequent assignment (Schadone, 2009) in which the focus is mitigating computing loss and recovering.

Information Technology relies on the acquisition, storage and retrieval of pertinent data. The development of a business plan leads one to require the adaptation of a data schema to manage the influx of information which could be useful to a growing company, if not required within the functioning business. Figure 1 reveals the core data schema for tracking customers and their needs. This schema is certainly not all-inclusive but provides a framework which can be built upon depending on the corporate direction and specific requirements.
This information can be utilized, obviously, to provide for the clients’ needs, but it can also be utilized to provide increased organization and specific solutions based on measured metrics. As figure 1 shows acquisition and storage of demographic information, it also allows for the assignment of specific roles. These roles can allow a portal application to provide only the most needed system monitors for each role, including role-specific alerts and notifications. Also, greeting the client by name, dependent on login data, provides an air of security prompting the user to logout when the session is complete. This demographic data can also be useful in providing personalized support by allowing support personnel access to each contact’s information and provide a basis to create a schema specific to Online Support Systems based on customer needs. Whether storing preferences or previous form entries, a personalized use of collected data can simplify processes for the user making the user more efficient in the end.


O’Brien, J. A., & Marakas, G. M. (2007). Introduction to information systems (14th ed.). New York: McGraw-Hill/Irwin.

Schadone, M. F. (2009). Disaster Response and Mitigation – IT: A Business Proposal. Minneapolis, MN: Walden University.

Figure 1.
Datastore Chart

“Disaster Response and Management – IT” (DRAM-IT)

With the growing focus of disaster mitigation, response and recovery, companies that rely on information systems need to prevent and minimize the impact of disasters (whether natural or man-made) to their infrastructure. Society’s focus is to regain a sense of normalcy which requires a functioning economy, thereby increasing the need for companies to recover quickly.

By providing expert philosophies, procedures, systems and tools, DRAM-IT can ensure that the client will transition seamlessly from pre-disaster to post-disaster with no negative long-term effects.

We start with employee-focused health, safety and security. We believe that the employee is the first defense against failure. Employees should be healthy and not have their minds occupied by other domestic problems (e.g. family welfare) which is why in times of a disaster affecting the community, we contract with armed security agencies to provide force security for key employees and their families. This focus allows other employees to take care of their own before returning to work. The same security force will provide on-site perimeter security allowing employees to feel safe while aiding in recovery efforts. But, before the incident occurs, we will create processes to assist each employee in staying healthy and fit, both physically and mentally, including the creation of medical response teams to manage on-site medical emergencies until EMS can arrive.

Data loss can be immeasurable and therefore cannot be tolerated. After performing a forensic analysis of current IT practices, DRAM-IT will offer methods of securing data with redundant distributed arrays with cryptographic and hashing intelligence ensuring the data has not been and cannot be manipulated. Along with distributed storage, we can offer distributed processing to ensure the business keeps running without a need for direct input by employees.

During a disaster, the focus needs to be on initiating recovery processes and requires interfacing with local authorities to be part of the solution. We will provide the internal Incident Command structure which will integrate with the local, State, and Federal efforts to ensure pooling of resources. We are also committed to the community. The faster the individual entities of a community can recover, the faster the community as a whole can heal.

With DRAM-IT Systems Mitigation, Response and Recovery, we can ensure that you can concentrate on what is important… we’ll take care of the rest.

By providing an all-encompassing approach to disaster management, our clients can be assured of continuous critical systems processing, ensuring business continuity throughout the disaster.

Table Title: Examples of Structure and IT needs
Functional Area (See Figure 7.23) Supporting Information Systems (See Figure 1.6)
Example: Human Resource Management Example: Transaction Processing Systems
Command Executive Information Systems
Operations Decision Support & Strategic Info Systems
Tactical Knowledge Management & Expert Systems
Logistics Specialized / Transaction Control Systems
Finance Specialied / Transaction Control Systems

Subject: Investment Opportunity – “Disaster Response and Management – IT (DRAM-IT)” 02/25/14
To Whom it May Concern

I am writing you as an entrepreneur in support of the community. We have faced a number of disasters recently and our economy continuously suffers. I hope to provide a host of services to companies which are key to the community infrastructure. My goal is to be able to assist these key companies in recovering from the disaster internally and allowing the economy a maximized benefit in a minimal amount of time.

As a critical care paramedic who has worked with FEMA response teams in the past years, I have the experience and education to know what is crucially important during a disaster. As a computer programmer and IT professional, I know how to apply my knowledge to critical business systems ensuring a smooth transition during the various phases of a disaster, whether large or small, internal or external.

I wish to be able to provide mitigation training, on-site employee health programs, redundant communications, secure data storage and retrieval with distributive data processing, personal and protective security and adaptive processes and philosophies that can overcome even the most destructive of forces. We will initially be focused on consulting with the promotion of best-practices in mind. During the disaster phase, we will respond directly as Incident Command Teams that will be fully self-sufficient for over 72-hours to ensure the response and recovery are as smooth as possible.

The unfortunate reality is that this endeavor will require a large amount of start-up capital. We must first hire and train appropriate personnel who can then consult to client companies and ensure they can operate effectively during and after a disaster. We also need access to distributive networks with which to operate. These will undoubtedly be fee-based services, but initial investments of processor-time and storage would be invaluable. Investing in this opportunity is investing in the community.


Michael Schadone