"Right... because Apple is really known for driving prices down."

Look at the original iPad.

The Doctors aren't evil... they just practice medicine the old fashioned way. Most learned their diagnostic skills when rotary phones were the standard. Would you consider a rotary phone today adequate technology to place a call today... If you want to be treated in methods that are
As for the FDA... They're not that bad.... just usually very blinder focused. I really don't see them having an issue with this in terms of data collection. (I don't see apple supporting a portable pacemaker BlueToothed into an iPhone to get it's operational controls from some data center in lower elbonia).

and you'll be surprised that most of your medical procedure data is already in the cloud, if you used insurance or put your SSN on any form (The bad news about HIPAA is that it's 'portable'... often to the highest bidder ). The problem is most of the diagnostic information is in islands that the MDs don't even have good access to.

As for privacy/security issues...Noted. Data Interpretation... that's well outside of Apple's purview... I can't see Apple doing anything other than providing a secure end to end pipe. The back end, whether it be Johns Hopkins, or Joe's Appliance, and Blood Pressure monitoring will likely have to prove their system, including interpretation someplace. But raw data, in standard HLxx code, has to stand on it's own against the diagnostic standard in the HIPAA world. Non Issue (assuming the regulatory people validate it's to the HLxx standard).

And they are most effective when the consumer determines what 'value' 'quality' is.

And I do think they will just be a simple platform where they charge 30% (or less) to allow other companies that are actually in the healthcare business to use their platform to do their stuff, purely as a common app-platform/payment/identity/secure delivery conduit. If insurance (sigh... see my comments above;-) pays $19.99 for an app to monitor blood glucose from a BT enabled skin patch (or one that is part of a 'rumored iWatch'), then Apple could be in line to make $6 on every diabetic with a smart phone, and have a huge number of diabetics spend $600(phone) + $99(iwatch) on Apple Hardware (and $50+ month in bandwidth) just for the ability to have continuous blood monitoring. If proved viable to regulatory reviewers, this would be a huge win compared to comparable FDA approved standalone solutions much more in price, and much less capability.

PING! +1 (no karma to give)

Working for one of the top three Insurance (oops, I mean 'Health Benefits Management'), and one of the 'World Famous' Medical Centers (both in the same state, you can figure it out), and the largest Pharma company in the free world at the time (and having two small town country doctors in the family), I've seen the world from all sides, and it's not pretty.
BR> My quick summation of the problem... every HBM has a different definition of 'good' care, based on 'average' care models, which are highly fragmented and almost require an HBM to make sure the payer (re: for most... your employer) gets the lowest cost for average or better quality, based on nothing but prior outcomes, and use 'Steerage' and 'Preferred Provider' methods to extort health care providers into capitulation, and the term 'quality' really evolves into a Fast Food Metaphor, and the quality/$$ spent actually goes down.

Any payor Model, Gov't or HBM, that allows someone else to get between you and the MD to negotiate a price or what is expected for a symptom... is the problem. There should be no middle men in healthcare. Especially Middlemen paid by someone else with no skin in the game (my employer/pension-manager)

Hence you control what you need to control... the PoS systems physically separate to the Router hub (owned by HQ), and consider the rest of the network hostile. Simple engineering principles. Basically make the rest of the Store one big 'internet' and portal all store employee access back to the mother ship as if every employee is working from home. Managers... Same. Suppliers (if they are in the store). None. Obviously the major integration point is store inventory to PoS, (Did we sell the last one... is there one in the back room, when is the next shipment coming in, the price is what?), but that is either one system that should be on the critical business ops network, or integrated systems that either have local compute services (again all segregated from the non-critical traffic.

I tend to think that POS equipment should be on a separate network. separate hardware plant to the VPN (and then separate E2E encryption over the router) back to the mothership. Period. VLANS are hard to 'really isolate.' and it's always easier to 'uptick' your controls on a critical network, than it is to run a mixed mode on the same infrastructure. That said, the other side of that is creating a monitoring space for inbound IPs from this tier of vendors and and devices (should a HVAC vendor IP, or one of their onsite controller be reaching INTO 'more vital engineering spaces' on the Target fabric, with question and follow-up?) that would like up like Times Square as unauthorized activity if traffic doesn't go directly from Point A to Point B.)

Once you get to the soft gooey center of the POS system... then all bets are off. You need to either hyper isolate them, or hyper monitor them for deltas in their operational configuration and output.

I had the chance to work at Target HQ for Corp IT Security (more internal and Store Employee AIM), and when I interviewed, the manager was more extremely not excited to hire me at al, saying that I didn't have the political chops to get my ideas implemented. I tended to argue HIS role as management (my job is ideas and execution... your job is facilitation and corporate political knowledge). I think telling your hiring manager that he doesn't understand his role in security (it was all COBIT and ISO to him... give me the process, not the security, sigh) was probably not in the top 10 ways to get hired.

I'm now working for one of the consulting companies who is cleaning up the mess. Knowing who I know, my guess is this will likely fall on Security Operations (outsourced), as they are tasked with analytics of these events and 'sell threat intelligence' to Target. Very few U.S. citizenry will be affected by this. My man on the inside (responsible for the engineering of of the Network Security Monitoring into a very large ArcSight implementation ) warned me months ago (while I was being hired into the AIM group), that his biggest issue was the number of vendors traversing the net. His focus was more retail suppliers and supply chain, but one can see where HVAC could just be lumped into the same pool. And he knows enough to cover his butt with paperwork (we spent a lot of time at another site... where we the 'toilet paper file' (to 'Cover our A*****' - paper memos showing receipt of email containing Formal Risk Assessments to management, and meeting notes of any meetings to discuss without a paper trail, and the formal response in the Risk Plan, [often just noting the problem, and stating that 'monitoring would catch any breach in an acceptable timeframe'... which was our out in that there was no SLA for breach detection outlined in any response plan]).

From what I read from Target, my colleagues eye-rolling, and the fact that their SecOps group was also off shored, they had a similar response.

same was said about the IBM PC (, then the XT, then the AT) by mainframers, and big Unix (academics). The fact of the matter is, when your computing platform is basically a web interface and a back end that is truly agnostic (no IE6 Active X crap), all endpoint devices will become utilities. The computational high ground will become services, which is what MSOffice (et al... file sharing/sharepoint, IE) pretty much is for 70% of corporate computing. Office is roadmapped to be fully cloud delivered (you can't buy a X86 version of it) by 2023. Which to the OP point... Windows as a capitated license will go to zero as part of MS's revenue stream... pushing up capitated cloud services as their primary solution. MS will survive.... as a 'mini-me' of IBM (or visa versa), based on it's control of AD on your network (as AD migrates as a integration point to legacy applications and Office, to your compliance required security rights management system).

That's why I only listen to RIM's CEOs. That way at least it's stereophone. Steve is the antithetical CEO, however. While he's CEO in title, He acts as if he's the ProductManager. The number of patents he's referenced as [co-]holder shows that he does get down into the details (and cares enough to put his name on it).

"We have a few reactors here in the U.S. that are obviously being ran "on the cheap", and frankly those companies should be ran out of town"

We have a few coal mines /oil wells run on the same economic premise (and coal powered electrial plants as well). I'm not fine with any energy company improving profitability without regard to the risks to the energy employees or global community. The differences between Upper Big Branch, Deepwater Horizon and Fukushima, are without distinction.

They just cease processing with a Failed UniBus Address Register (FUBAR) = 17777777

Any company that wrote it's training manuals with variables of $FOO and $BAR was my kind of company

- TTL

P.S. I still dream in TECO. Not that wussy VTEDIT full screen stuff... but writing programs in TECO and executing in MUNG. My therapist says I have closure issues;-)

or as I prefer to say it, 2,191,320,000 Microfortnights (give or take...)

until they start charging for youtube views... (e.g. http://news.cnet.com/8301-1023_3-10221501-93.html)

The more appropriate quote:

"From hell's heart, I stab at thee. For hate's sake, I spit my last breath at thee."

I'll bet $299. Who ever wins get the split the diffence ($100). You can't lose with that bet (the worst you'll pay is $399;-))