Skip to main content
Premium Trial:

Request an Annual Quote

At Bio-IT World, CIOs Share Thoughts On Data Security, Software Obsolescence, Usability


BOSTON (GenomeWeb) – While last week's global spread of the WannaCry ransomware was an unwelcome wakeup call for so many in healthcare — particularly those still running the outdated Windows XP operating system — genomics IT operations came through pretty well.

Bioinformatics systems including those for sequencing analysis tend to have far more advanced computers, so they were not affected as much. But the managers of those systems certainly noticed, according to participants in a panel of chief information officers at the Bio-IT World Conference held here this week.

"That malware did so much damage. It was stunning how fast it moved," said Andrea Norris, CIO of the National Institutes of Health and director of the NIH Center for Information Technology.

NIH had things locked down in a matter of hours, however, because Norris and her charges have come to understand their computing environment and know what needed the most protected. "We have a no-high-vulnerability rule," she said.

NIH spends at least $700 million a year on data support and $1 billion on computational services, according to Norris. The nation's largest biomedical research organization pays attention to security and was ready.

Similarly, Harvard Medical School has invested considerable amounts of time in educating users to watch out for malware and avoid clicking on questionable links and phishing scams, reported Rainer Fuchs, the school's recently retired CIO.

"Most of our scientists couldn't care less about security. Most of our technologists couldn't write safe code if their lives depended on it," Fuchs said. "I think our biggest bang for our buck comes from education. [Security] comes down to one simple thing: don't click on stuff," he explained. 

"The thing that has made the biggest difference to us was paying attention to basic security hygiene," said Norris. Replace outdated infrastructure, she advised. Make necessary patches. And, above all, organizations should know where they are most at risk and what most needs to be protected.

Data flood

Beyond security and the malware of the moment, the CIOs, who also included William Mayo of the Broad Institute and Aarti Shah of Eli Lilly, discussed the rapid advancement of technology in their field, as well as the need for continuous staff training.

"At NIH, we really benefitted from people who saw the coming wave of big data," said Norris. NIH has invested heavily in a 100-gigabit network in the last half-decade and in a high-performance computing laboratory that's now used by one of every four researchers there.

Fuchs said that one of the best investments Harvard Medical School has made was in research technology consultants.

Mayo highlighted the importance of collaboration in the face of the flood of data that genomics has unleashed. "If you're doing everything yourself, you aren't thinking big enough," he said. 

Genomics might just be the tip of the iceberg in terms of large-scale healthcare data, however. When an audience member asked panelists if any of them was looking at quantum computing, Mayo said that technology is too far out to make it part of his informatics strategy. Shah agreed, though Norris said NIH is "dabbling in it."

Likewise, said Mayo, "Deep learning technologies aren't there yet." But he wants to be able to give such technologies to users who are not technologists and still get "meaningful" results.

Fuchs said he had been grappling with the scalability of genomic data prior to his retirement. "What's emerged recently is the need for image data," he said. For that, he said, Harvard has turned to Omero, an open-source repository for microscopy.

But Harvard Medical School is not married to Omero, or to any other computing platform. "You can't commit to one platform because it's going to be obsolete anyway," Fuchs advised. "You replace pieces with new technology that can take you to the next level."

For her part, Shah expressed the hope that corporate technology would soon catch up to consumer tech in terms of usability. Siri, Alexa, and similar personal voice assistants have been widely adopted because they are easy to use and are relatively low-cost, she said. But researchers and clinicians at Lilly still have to enter data manually. "There is a gap there," Shah said.

All of the CIOs agreed that usability matters because people matter. Clinicians have pushed back against electronic health records because manual data entry slows doctors down.

Shah discussed "AQ" and "DQ," terms coined at Lilly to describe analytics quotient and digital quotient. "We can talk about all these technologies, but it doesn't matter until we get people to a certain level [of knowledge and comfort]," Shah said.

NIH emphasizes data sharing among internal and external researchers alike: "Collaboration and integration across all our domains, that's our key to success," said Norris.

And then there is the problem of retaining talent, particularly when millennials come out of school looking for the right job for the moment, not a long-term career with a single company as their parents and grandparents might have. "They're looking for new challenges all the time," Fuchs said. "You have to keep people excited."

Fuchs recommended building specific communities within an organization to keep people interested and perhaps keep new hires abreast of additional opportunities.