One IT exec's take on IT accountability

It seems more and more today that IT executives are expected to take the fall in response to public security breaches, such as those at organizations such as AOL, Ohio University and Department of Veterans Affairs. Ron Uno, manager of information management (and essentially acting CIO) at Kuakini Health Systems in Honolulu shared his take on the recent slew of public scandals with Network World Senior Editor Denise Dubie.

Do you feel that your job is more on the line than in the past if an IT event occurs that compromises security or impedes business performance?

Definitely. I think compared to a few years ago, IT security and confidentiality has become a very "hot" topic".  I have been doing the same things today as I did in the past.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

It seems more and more today that IT executives are expected to take the fall in response to public security breaches, such as those at organizations such as AOL, Ohio University and Department of Veterans Affairs. Ron Uno, manager of information management (and essentially acting CIO) at Kuakini Health Systems in Honolulu shared his take on the recent slew of public scandals with Network World Senior Editor Denise Dubie.

Do you feel that your job is more on the line than in the past if an IT event occurs that compromises security or impedes business performance?

Definitely. I think compared to a few years ago, IT security and confidentiality has become a very "hot" topic".  I have been doing the same things today as I did in the past.

If so, why do you feel more accountable/responsible these days than in the past?

In general within the past few years and going forward everyone in the organization will be looking to IT for direction to secure our information. Information Management in the healthcare arena since the inception of The Health Insurance Portability and Accountability Act (HIPAA) regulations, IT has become more visible not only in the organization but also in the community as well.

Was there a particular event (at your company or in the news) that caused executives to make IT more accountable?

No, I don't think so. With everything happening in the world today we are taking a more proactive approach to protect our data. HIPAA regulations also play a role in this. 

How does the potential for fines or possible firing impact your day-to-day operations? Has anything changed?

I don't think this has had any impact to my operations. All of my staff knows and understands that "confidentiality" is JOB ONE and I will not tolerate anything less. For years we have been promoting "teamwork" within the Health System, so employees understand the culture of the organization. To put it bluntly, if you don't like what we are doing, you don't have to be here. Everyone has a choice in his or her career.

Maybe IT people are just as accountable as they were in the past but there's more publicity surrounding departures these days. Or maybe regulatory requirements are causing individuals to have more skin in the game. What's your take?

In the past year IT and what is done in IT has become more "public". To me, we have been doing the same thing for years and no one commented about it until recently. Most of the publicity is due to the fact of data being so portable now. And the fact that there have been several high-profile cases of laptops being stolen is contributing to the exposure. HIPAA, Sarbanes Oxley and others are exposing the IT field as well.

Back to IT execs feel the heat. What do you think? Discuss in our accountability forum.