Biometrics
ABSTRACT
Biometric identification refers to identifying an individual based on his/her distinguishing physiological and/or behavioural characteristics. As these characteristics are distinctive to each and every person, biometric identification is more reliable and capable than the traditional token based and knowledge based technologies differentiating between an authorized and a fraudulent person. This paper discusses the mainstream biometric technologies and the advantages and disadvantages of biometric technologies, their security issues and finally their applications in day today life.
INTRODUCTION:
“Biometrics” are automated methods of recognizing an individual based on their physical or behavioral characteristics. Some common commercial examples are fingerprint, face, iris, hand geometry, voice and dynamic signature. These, as well as many others, are in various stages of development and/or deployment. The type of biometric that is “best ” will vary significantly from one application to another. These methods of identification are preferred over traditional methods involving passwords and PIN numbers for various reasons: (i) the person to be identified is required to be physically present at the point-of-identification; (ii) identification based on biometric techniques obviates the need to remember a password or carry a token. Biometric recognition can be used in identification mode, where the biometric system identifies a person from the entire enrolled population by searching a database for a match.
A BIOMETRIC SYSTEM:
All biometric systems consist of three basic elements:
Enrollment, or the process of collecting biometric samples from an individual, known as the enrollee, and the subsequent generation of his template.
Templates, or the data representing the enrollee’s biometric.
Matching, or the process of comparing a live biometric sample against one or many templates in the system’s database.
Enrollment
Enrollment is the crucial first stage for biometric authentication because enrollment generates a template that will be used for all subsequent matching. Typically, the device takes three samples of the same biometric and averages them to produce an enrollment template. Enrollment is complicated by the dependence of the performance of many biometric systems on the users’ familiarity with the biometric device because enrollment is usually the first time the user is exposed to the device. Environmental conditions also affect enrollment. Enrollment should take place under conditions similar to those expected during the routine matching process. For example, if voice verification is used in an environment where there is background noise, the system’s ability to match voices to enrolled templates depends on capturing these templates in the same environment. In addition to user and environmental issues, biometrics themselves change over time. Many biometric systems account for these changes by continuously averaging. Templates are averaged and updated each time the user attempts authentication.
Templates
As the data representing the enrollee’s biometric, the biometric device creates templates. The device uses a proprietary algorithm to extract “features” appropriate to that biometric from the enrollee’s samples. Templates are only a record of distinguishing features, sometimes called minutiae points, of a person’s biometric characteristic or trait. For example, templates are not an image or record of the actual fingerprint or voice. In basic terms, templates are numerical representations of key points taken from a person’s body. The template is usually small in terms of computer memory use, and this allows for quick processing, which is a hallmark of biometric authentication. The template must be stored somewhere so that subsequent templates, created when a user tries to access the system using a sensor, can be compared. Some biometric experts claim it is impossible to reverse-engineer, or recreate, a person’s print or image from the biometric template.
Matching
Matching is the comparison of two templates, the template produced at the time of enrollment (or at previous sessions, if there is continuous updating) with the one produced “on the spot” as a user tries to gain access by providing a biometric via a sensor. There are three ways a match can fail:
Failure to enroll.
False match.
False nonmatch.
Failure to enroll (or acquire) is the failure of the technology to extract distinguishing features appropriate to that technology. For example, a small percentage of the population fails to enroll in fingerprint-based biometric authentication systems. Two reasons account for this failure: the individual’s fingerprints are not distinctive enough to be picked up by the system, or the distinguishing characteristics of the individual’s fingerprints have been altered because of the individual’s age or occupation, e.g., an elderly bricklayer.
In addition, the possibility of a false match (FM) or a false nonmatch (FNM) exists. These two terms are frequently misnomered “false acceptance” and “false rejection,” respectively, but these terms are application-dependent in meaning. FM and FNM are application-neutral terms to describe the matching process between a live sample and a biometric template. A false match occurs when a sample is incorrectly matched to a template in the database (i.e., an imposter is accepted). A false non-match occurs when a sample is incorrectly not matched to a truly matching template in the database (i.e., a legitimate match is denied). Rates for FM and FNM are calculated and used to make tradeoffs between security and convenience. For example, a heavy security emphasis errs on the side of denying legitimate matches and does not tolerate acceptance of imposters. A heavy emphasis on user convenience results in little tolerance for denying legitimate matches but will tolerate some acceptance of imposters.
BIOMETRIC TECHNOLOGIES:
The function of a biometric technologies authentication system is to facilitate controlled access to applications, networks, personal computers (PCs), and physical facilities. A biometric authentication system is essentially a method of establishing a person’s identity by comparing the binary code of a uniquely specific biological or physical characteristic to the binary code of an electronically stored characteristic called a biometric. The defining factor for implementing a biometric authentication system is that it cannot fall prey to hackers; it can’t be shared, lost, or guessed. Simply put, a biometric authentication system is an efficient way to replace the traditional password based authentication system. While there are many possible biometrics, at least eight mainstream biometric authentication technologies have been deployed or pilot-tested in applications in the public and private sectors and are grouped into two as given,
Contact Biometric Technologies
fingerprint,
hand/finger geometry,
dynamic signature verification, and
keystroke dynamics
Contactless Biometric Technologies
facial recognition,
voice recognition
iris scan,
retinal scan,
CONTACT BIOMETRIC TECHNOLOGIES:
For the purpose of this study, a biometric technology that requires an individual to make direct contact with an electronic device (scanner) will be referred to as a contact biometric. Given that the very nature of a contact biometric is that a person desiring access is required to make direct contact with an electronic device in order to attain logical or physical access. Because of the inherent need of a person to make direct contact, many people have come to consider a contact biometric to be a technology that encroaches on personal space and to be intrusive to personal privacy.
Fingerprint
The fingerprint biometric is an automated digital version of the old ink-and-paper method used for more than a century for identification, primarily by law enforcement agencies. The biometric device involves users placing their finger on a platen for the print to be read. The minutiae are then extracted by the vendor’s algorithm, which also makes a fingerprint pattern analysis. Fingerprint template sizes are typically 50 to 1,000 bytes. Fingerprint biometrics currently have three main application arenas: large-scale Automated Finger Imaging Systems (AFIS) generally used for law enforcement purposes, fraud prevention in entitlement pro-grams, and physical and computer access.
Hand/Finger Geometry
Hand or finger geometry is an automated measurement of many dimensions of the hand and fingers. Neither of these methods takes actual prints of the palm or fingers. Only the spatial geometry is examined as the user puts his hand on the sensor’s surface and uses guiding poles between the fingers to properly place the hand and initiate the reading. Hand geometry templates are typically 9 bytes, and finger geometry templates are 20 to 25 bytes. Finger geometry usually measures two or three fingers. Hand geometry is a well-developed technology that has been thoroughly field-tested and is easily accepted by users.
Dynamic Signature Verification
Dynamic signature verification is an automated method of examining an individual’s signature. This technology examines such dynamics as speed, direction, and pressure of writing; the time that the stylus is in and out of contact with the “paper”; the total time taken to make the signature; and where the stylus is raised from and lowered onto the “paper.” Dynamic signature verification templates are typically 50 to 300 bytes.
Keystroke Dynamics
Keystroke dynamics is an automated method of examining an individual’s keystrokes on a keyboard. This technology examines such dynamics as speed and pressure, the total time of typing a particular password, and the time a user takes between hitting certain keys. This technology’s algorithms are still being developed to improve robustness and distinctiveness. One potentially useful application that may emerge is computer access, where this biometric could be used to verify the computer user’s identity continuously.
CONTACTLESS BIOMETRIC TECHNOLOGIES:
A contactless biometric can either come in the form of a passive (biometric device continuously monitors for the correct activation frequency) or active (user initiates activation at will) biometric. In either event, authentication of the user biometric should not take place until the user voluntarily agrees to present the biometric for sampling. A contactless biometric can be used to verify a persons identity and offers at least two dimension that contact biometric technologies cannot match. A contactless biometric is one that does not require undesirable contact in order to extract the required data sample of the biological characteristic and in that respect a contactless biometric is most adaptable to people of variable ability levels.
Facial Recognition
Facial recognition records the spatial geometry of distinguishing features of the face. Different vendors use different methods of facial recognition, however, all focus on measures of key features. Facial recognition templates are typically 83 to 1,000 bytes. Facial recognition technologies can encounter performance problems stemming from such factors as no cooperative behavior of the user, lighting, and other environmental variables. Facial recognition has been used in projects to identify card counters in casinos, shoplifters in stores, criminals in targeted urban areas, and terrorists overseas.
Voice Recognition
Voice or speaker recognition uses vocal characteristics to identify individuals using a pass-phrase. Voice recognition can be affected by such environmental factors as background noise. Additionally it is unclear whether the technologies actually recognize the voice or just the pronunciation of the pass-phrase (password) used. This technology has been the focus of considerable efforts on the part of the telecommunications industry and NSA, which continue to work on
improving reliability. A telephone or microphone can serve as a sensor, which makes it a relatively cheap and easily deployable technology.
Iris Scan
Iris scanning measures the iris pattern in the colored part of the eye, although the iris color has nothing to do with the biometric. Iris patterns are formed randomly. As a result, the iris patterns in your left and right eyes are different, and so are the iris patterns of identical-cal twins. Iris scan templates are typically around 256 bytes. Iris scanning can be used quickly for both identification and verification
Applications because of its large number of degrees of freedom. Current pilot programs and applications include ATMs (“Eye-TMs”), grocery stores (for checking out), and the few International Airports (physical access).
Retinal Scan
Retinal scans measure the blood vessel patterns in the back of the eye. Retinal scan templates are typically 40 to 96 bytes. Because users perceive the technology to be somewhat intrusive, retinal scanning has not gained popularity with end-users. The device involves a light source shined into the eye of a user who must be standing very still within inches of the device. Because the retina can change with certain medical conditions, such as pregnancy, high blood pressure, and AIDS, this biometric might have the potential to reveal more information than just an individual’s identity.
Emerging biometric technologies:
Many inventors, companies, and universities continue to search the frontier for the next biometric that shows potential of becoming the best. Emerging biometric is a biometric that is in the infancy stages of proven technological maturation. Once proven, an emerging biometric will evolve in to that of an established biometric. Such types of emerging technologies are the following:
Brainwave Biometric
DNA Identification
Vascular Pattern Recognition
Body Odor Recognition
Fingernail Bed Recognition
Gait Recognition
Handgrip Recognition
Ear Pattern Recognition
Body Salinity Identification
Infrared Fingertip Imaging & Pattern Recognition
SECURITY ISSUES:
The most common standardized encryption method used to secure a company’s infrastructure is the Public Key Infrastructure (PKI) approach. This approach consists of two keys with a binary string ranging in size from 1024-bits to 2048-bits, the first key is a public key (widely known) and the second key is a private key (only known by the owner). However, the PKI must also be stored and inherently it too can fall prey to the same authentication limitation of a password, PIN, or token. It too can be guessed, lost, stolen, shared, hacked, or circumvented; this is even further justification for a biometric authentication system. Because of the structure of the technology industry, making biometric security a feature of embedded systems, such as cellular phones, may be simpler than adding similar features to PCs. Unlike the personal computer, the cell phone is a fixed-purpose device. To successfully incorporate Biometrics, cell-phone developers need not gather support from nearly as many groups as PC-application developers must.
Security has always been a major concern for company executives and information technology professionals of all entities. A biometric authentication system that is correctly implemented can provide unparalleled security, enhanced convenience, heightened accountability, superior fraud detection, and is extremely effective in discouraging fraud. Controlling access to logical and physical assets of a company is not the only concern that must be addressed. Companies, executives, and security managers must also take into account security of the biometric data (template). There are many urban biometric legends about cutting off someone finger or removing a body part for the purpose of gain access. This is not true for once the blood supply of a body part is taken away, the unique details of that body part starts to deteriorate within minutes. Hence the unique details of the severed body part(s) is no longer in any condition to function as an acceptable input for scanners.
The best overall way to secure an enterprise infrastructure, whether it be small or large is to use a smart card. A smart card is a portable device with an embedded central processing unit (CPU). The smart card can either be fashioned to resemble a credit card, identification card, radio frequency identification (RFID), or a Personal Computer Memory Card International Association (PCMCIA) card. The smart card can be used to store data of all types, but it is commonly used to store encrypted data, human resources data, medical data, financial data, and biometric data (template). The smart card can be access via a card reader, PCMCIA slot, or proximity reader. In most biometric-security applications, the system itself determines the identity of the person who presents himself to the system. Usually, the identity is supplied to the system, often by presenting a machine-readable ID card, and then the system asked to confirm. This problem is “one-to- one matching.” Today’s PCs can conduct a one-to-one match in, at most, a few seconds. One-to-one matching differs significantly from one-to-many matching. In a system that stores a million sets of prints, a one-to-many match requires comparing the presented fingerprint with 10 million prints (1 million sets times 10 prints/set). A smart card is a must when implementing a biometric authentication system; only by the using a smart card can an organization satisfy all security and legal requirements. Smart cards possess the basic elements of a computer (interface, processor, and storage), and are therefore very capable of performing authentication functions right on the card.
The function of performing authentication within the confines of the card is known as ‘Matching on the Card (MOC)’. From a security prospective MOC is ideal as the biometric template, biometric sampling and associated algorithms never leave the card and as such cannot be intercepted or spoofed by others (Smart Card Alliance). The problem with smart cards is the public-key infrastructure certificates built into card does not solve the problem of someone stealing the card or creating one. A TTP (Trusted Third Party) can be used to verify the authenticity of a card via an encrypted MAC (Media Access Control).
CULTURAL BARRIERS/PERCEPTIONS:
People as diverse as those of variable abilities are subject to many barriers, theories, concepts, and practices that stem from the relative culture (i.e. stigma, dignity or heritage) and perceptions (i.e. religion or philosophical) of the international community. These factors are so great that they could encompass a study of their own. To that end, it is also theorized that to a certain degree that the application of diversity factors from current theories, concepts, and practices may be capable of providing a sturdy framework to the management of employees with disabilities. Moreover, it has been implied that the term diversity is a synonymous reflection of the initiatives and objectives of affirmative action policies. The concept of diversity in the workplace actually refers to the differences embodied by the workforce members at large. The differences between all employees in the workforce can be equated to those employees of different or diverse ethnic origin, racial descent, gender, sexual orientation, chronological maturity, and ability; in effect minorities.
ADVANTAGES OF BIOMETRIC TECHNOLOGIES:
Biometric technologies can be applied to areas requiring logical access solutions, and it can be used to access applications, personal computers, networks, financial accounts, human resource records, the telephone system, and invoke customized profiles to enhance the mobility of the disabled. In a business-to-business scenario, the biometric authentication system can be linked to the business processes of a company to increase accountability of financial systems, vendors, and supplier transactions; the results can be extremely beneficial.
The global reach of the Internet has made the services and products of a company available 24/7, provided the consumer has a user name and password to login. In many cases the consumer may have forgotten his/her user name, password, or both. The consumer must then take steps to retrieve or reset his/her lost or forgotten login information. By implementing a biometric authentication system consumers can opt to register their biometric trait or smart card with a company’s business-to-consumer e-commerce environment, which will allow a consumer to access their account and pay for goods and services (e-commerce). The benefit is that a consumer will never lose or forget his/her user name or password, and will be able to conduct business at their convenience. A biometric authentications system can be applied to areas requiring physical access solutions, such as entry into a building, a room, a safe or it may be used to start a motorized vehicle. Additionally, a biometric authentication system can easily be linked to a computer-based application used to monitor time and attendance of employees as they enter and leave company facilities. In short, contactless biometrics can and do lend themselves to people of all ability levels.
DISADVANTAGES OF BIOMETRIC TECHNOLOGIES:
Some people, especially those with disabilities may have problems with contact biometrics. Not because they do not want to use it, but because they endure a disability that either prevents them from maneuvering into a position that will allow them to make use the biometric or because the biometric authentication system (solution) is not adaptable to the user. For example, if the user is blind a voice biometric may be more appropriate.
BIOMETRIC APPLICATIONS:
Most biometric applications fall into one of nine general categories:
Financial services (e.g., ATMs and kiosks).
Immigration and border control (e.g., points of entry, precleared frequent travelers, passport and visa issuance, asylum cases).
Social services (e.g., fraud prevention in entitlement programs).
Health care (e.g., security measure for privacy of medical records).
Physical access control (e.g., institutional, government, and residential).
Time and attendance (e.g., replacement of time punch card).
Computer security (e.g., personal computer access, network access, Internet use, e-commerce, e-mail, encryption).
Telecommunications (e.g., mobile phones, call center technology, phone cards, televised shopping).
Law enforcement (e.g., criminal investigation, national ID, driver’s license, correctional institutions/prisons, home confinement, smart gun).
CONCLUSION:
Currently, there exist a gap between the number of feasible biometric projects and knowledgeable experts in the field of biometric technologies. The post September 11 th, 2002 attack (a.k.a. 9-11) on the World Trade Center has given rise to the knowledge gap. Post 9-11 many nations have recognized the need for increased security and identification protocols of both domestic and international fronts. This is however, changing as studies and curriculum associated to biometric technologies are starting to be offered at more colleges and universities. A method of closing the biometric knowledge gap is for knowledge seekers of biometric technologies to participate in biometric discussion groups and biometric standards committees.
The solutions only needs the user to possess a minimum of require user knowledge and effort. A biometric solution with minimum user knowledge and effort would be very welcomed to both the purchase and the end user. But, keep in mind that at the end of the day all that the end users care about is that their computer is functioning correctly and that the interface is friendly, for users of all ability levels. Alternative methods of authenticating a person’s identity are not only a good practice for making biometric systems accessible to people of variable ability level. But it will also serve as a viable alternative method of dealing with authentication and enrollment errors.
Auditing processes and procedures on a regular basis during and after installation is an excellent method of ensuring that the solution is functioning within normal parameters. A well-orchestrated biometric authentication solution should not only prevent and detect an impostor in instantaneous, but it should also keep a secure log of the transaction activities for prosecution of impostors. This is especially important, because a great deal of ID theft and fraud involves employees and a secure log of the transaction activities will provide the means for prosecution or quick resolution of altercations.
REFERENCES:
Pankanti S, Bolle R & Jain A, Biometrics:The Future of Identification
Nalwa V, Automatic on-line signature verification
Biometric Consortium homepage, http://WWW.biometrics.org
The Difference Between Transactional and Transformational Leadership
Leadership is very important for a person as well as for an organization. Without leadership, the organization (and the individual, too) is like a boat without a rudder. It will be aimless and will just follow the flow of the powerful forces in the organization.
But leadership takes on different forms in an organization. One way of looking at it is by classifying between transaction and transformational leadership. Another is by looking at formal and informal leadership. Formal position and authority matter less than influence. Influence is raw power within an organization. A person who has influence does not need formal authority to tip the organizational balance towards himself.
Leaders who do have formal authority and leadership position may simply use transactional leadership for their subordinates and followers. This kind of leadership works in certain situations. Especially if the leader is but in transition and does not have to invest much time in the development of the people under him. Transactional leadership is not long term. It is short term. The key word here is transactions! The leader does not expect any “return business” with the people he is dealing with.
Transformational leadership, on the other hand, is a very different kind of leadership. It takes into account the motivation and the situation of the followers and subordinates. It primes up people for repeat business and continuous improvements!
As a leader, would you rather use short term transactional leadership or the long-term-impact transformational leadership? While I would advocate transformational leadership off-hand, the best leadership style depends on your circumstances and the organizational goals and objectives.
The important question to ask then is, how can you study the organizational context so as to understand the kind of leadership that is suited to it? Ask your people. Is there good morale in the organization? Or is it full of complaints and murmuring? Are the people happy to be part of the organization? Or are they simply waiting for one paycheck after another?
You also need to look at the performance of the organization. You can conduct an evaluation or even an internal audit of your organization. This way, you can assess the strengths and the weaknesses of the organization. Based on that, you can make important decisions as to the style of leadership suited for the organization.
There is no right or wrong styles of leadership to be used in an organization. What matters is how you use one style of leadership to accomplish your goals as a leader.
UB04 Form – What is a UB04 Form, Where Do I Get One, and How Do I Fill it Out?
Do you need to get a UB04 form completed for an insurance company? What is a UB04 form? Where do you find one? And how do you fill it out? We run across these questions often in the world of medical billing. Most medical health insurance claims are filed on CMS 1500 forms (sometimes called HCFA forms). These are more common to most people. Many billers don’t know when to use the CMS forms and when to use the UB 04 forms.
The UB04 claim form is used by facilities rather than physicians for their health insurance billing. Hospitals, rehabilitation centers, ambulatory surgery centers, clinics, etc need to bill their services on the UB04 form in order to get paid. Physician billing is done on the CMS 1500 claim forms.
Every once in awhile we get a call from a person who is trying to get an insurance claim paid and they are told by the insurance company that they must file the claim on a UB04 claim form. These people don’t have a clue what this form is or how to complete it. They may have had to admit a loved one into a drug and alcohol rehab facility and now find that the facility doesn’t participate with their insurance plan. These facilities often don’t file UB04 forms and can not help the family get reimbursed by the insurance company.
Many times the family has paid up front for the services of the facility and are now trying to get the insurance company to reimburse them. The insurance policy may pay out of network but the claim must be filed correctly on a UB04 form. Often times people are trying to collect many thousands of dollars on the claim. Required fields on the UBO4 form include rev codes, value codes and type of bill. What do you put in these fields? These forms can be very confusing. Where do you get the correct information to complete the forms? And which fields are required on the form? If the facility does not have a UB04 form to fill out, where do you get one?
Unfortunately the answers are not easy. The Rev codes represent the procedure codes. The type of bill is a three digit number that represents the type of facility, the bill classification and the frequency of the bill. The value codes are required fields only in certain situations. It is very difficult to complete these forms correctly without previous experience or proper training. Another catch is that the forms were changed in May 2007 to allow for use of the NPI number. You must understand NPI numbers completely to determine where you should be entering an individual NPI number or a group NPI number. And when you try to find UB04 forms for sale, you find they are available in boxes of 2500.
If you find yourself needing to file a claim on a UB04 form and don’t know what you are doing, make sure you look into it fully. Claims are often denied time after time for information being incomplete or incorrect. If your claim is for a lot of money, you may not want to wait months for payment.
Copyright November 2008 – Alice Scott
Top Factors Making Microsoft Access a Popular Tool
Microsoft Access is used extensively by small and medium enterprises to manage complex data as well as to analyze it quickly and efficiently. For users just making a shift to Access from other databases, here is an overview on what makes Access such a popular tool.
While Access database was every effective in maintaining a database, the only drawback was that users who did not have an Access client could not view the data or make modifications. With Access 2010, it is now easy to extend the Access database to the Web and provide users access online. Using just a browser, users can easily view the data and make modifications that are synchronized with the database. If the user is offline, it is possible to make these changes offline and then use Microsoft Server 2010 to synchronize the changes the next time the user is online. These kinds of modifications do increase the chances of the database getting corrupted but we will see later how to recover MDB data easily and effectively in case the database does get damaged.
The new Access 2010 allows you to use multiple data connections so that you can collect information from other sources or just link them. By providing conditional formatting and powerful calculation tools, you can generate reports that are not only appealing visually, with the rich and dynamic images but also create a lot of impact. Since Access now supports data bars, you can easily track trends and provide management with a lot of insight into what the data is revealing.
Using Microsoft SharePoint Server 2010 and Access 2010, it is possible to provide better protection to the data stored in the MDB files. The database can be stored centrally so that all the necessary data compliance, audit requirements and backup requirements can be met adequately. Access 2010 provides better manageability and increased accessibility. In the rare cases of corruption in the MDB file, it is easy to carry out an Access repair to recover MDB data from the central server.
Users can now implement database templates created by others or share their own designs. By making pre-built templates available to the entire Access community, it is now easier for users to quickly create databases from the pre-designed template by customizing them according to their needs rather than having build them up from scratch.
If you would like to create navigation forms that use Access data, you can do so by simply choosing from the pre-defined navigation templates made available by Access 2010. You can very quickly develop professional looking, web-like forms without having to spend any time in coding.
The enhanced Macro Designer in Access 2010 makes it possible for users to create robust applications by enabling them to easily develop highly complex code. Further, coding errors are reduced leading to lesser corruption and users are more productive. It pays to spend some time and money in having a good design for the database. A poorly designed database can have lot of corruption issues that can only be resolved by powerful tools such as Advanced Access Repair. Working on files that even the Compact and Repair tool cannot fix, this tool not only helps recover MDB data but more importantly restores it in the same structure as in the original, corrupted file.
Your Deceased Loved One and IRS Debt – Who Has to Pay the Tab?
Saying goodbye…What happens when a loved one passes away and leaves an IRS debt behind? Does that debt fall onto you? Or can the IRS collect on a deceased person’s tax debt at all?
The only way the debt can fall to you is if you filed jointly at which point you would become the primary debtor and still owe the IRS.
A family affair…However, if that isn’t the situation then who does have to pick up the tab? After all the IRS doesn’t like to give up on any money it’s owed; even if the IRS has to dig up grandpa’s corpse to get it. I never had to disrespect the final resting places of the dead when I was an IRS-Hitman. We took care of seizing any personal valuable before your loved one went into the ground.
The bare bones…Here’s how things work when a deceased loved one owes the IRS. The executor of the estate has to inventory all assets. Once that is done any debts the deceased had prior to his/ her death are paid, and the remaining assets both liquid and non liquid is distributed among the beneficiaries per the Will.
That assumes there is an estate or assets to sell and pay off creditors. For example if assets or property were transferred prior to or upon death, if stated in a Will, there isn’t anything collectible. In the case of there being nothing of value to satisfy the creditors or the IRS then the account is closed as non collectible.
You may end up in debt too…However, before you start to enjoy your new found inheritance there are some things that you should know; because the IRS plans for the assets dear old grandpa left you in his Will. Some of that inheritance is taxable and some isn’t. It’s important to know the details of your inheritance so that you don’t end up in a pickle with the IRS too.
· Life Insurance payouts are non taxable. That’s because Life Insurance isn’t considered income because it’s used to take care of the deceased’s funeral and provide for family.
· Lump sum cash inheritance is considered income and is therefore taxable. If you receive a lump sum inheritance then you need to report it on your taxes as income and be prepared to pay taxes on the amount.
· Property such as houses or cars is non taxable unless they’re sold. Any proceeds from the sale of inherited assets are also considered income and must be reported on your taxes.
Having to go through the death of a loved one can be difficult enough without having to worry about the IRS getting involved.
Now you have the smoking gun…Use it!
Role of Information Technology in Growth of Business
Information technology (IT) refers to the management and use of information using computer-based tools. It includes acquiring, processing, storing, and distributing information. Most commonly it is a term used to refer to business applications of computer technology, rather than scientific applications. The term is used broadly in business to refer to anything that ties into the use of computers.
Mostly businesses today create data that can be stored and processed on computers. In some cases the data must be input to computers using devices such as keyboards and scanners. In other cases the data might be created electronically and automatically stored in computers.
Small businesses generally need to purchase software packages, and may need to contract with IT businesses that provide services such as hosting, marketing web sites and maintaining networks. However, larger companies can consider having their own IT staffs to develop software, and otherwise handle IT needs in-house. For instance, businesses working with the federal government are likely to need to comply with requirements relating to making information accessible.
The constant upgrade in information technology, along with increasing global competition, is adding difficulty and hesitation of several orders of scale to the business and trade. One of the most widely discussed areas in recent business literature is that of new organizational network structures that hold survival and growth in an environment of growing complexity.
Effective implementation of information technology would decrease liability by reducing the cost of expected failures and increase flexibility by reducing the cost of adjustment. The businesses reaction to the environment remains to be the vital determinant for its effectiveness. The capabilities and flexibilities of computer-communication systems make them gradually more appropriate to businesses by being able to respond to any specific information or communication requirement.
Information Technology is having impact on all trade industries and businesses, in service as well as in manufacturing. It is affecting workers at all levels of organizations, from the executives to middle management and clerks. Information technology is increasingly becoming a basic factor of all types of technologies such as craft, engineering, routine, and non-routine.
The advances in Information Technology would result in remarkable decline in the costs of synchronization that would lead to new, concentrated business structures. It enables the business to respond to the new and urgent competitive forces by providing effective management of interdependence.
In the near future businesses would be facing a lack and a redundancy of information called information glut. To solve the information-glut companies will need to introduce methods for selective thinning out of information. Improvements in telecommunications will make it easier to control business units dispersed over different parts of the world. Advances in telecommunications, would result in increased distance-communication. Indirect communication would be preferred for well-structured information for routine, preprogrammed and decision processes.
© 2006, Wholesale Pages UK. All rights reserved.
Ethical Considerations of Privacy and Cyber-Medical Information
In 1818, British author Mary Shelley’s tale of Dr. Frankenstein’s infamous creation startled and captivated a receptive audience. Just as the macabre, but resourceful, doctor created life from non-life that terrorized the local countryside, we have created a “cyberspace monster” that “lives” and knows no boundaries. It may not actually terrorize us, but we are likewise captivated by it. It profoundly influences and impacts our everyday activities, but it is also out of control and has spawned many controversial issues involving free speech, censorship, intellectual property, and privacy. The free market and society norm may, in some measure, be capable of regulating these issues and eventually help allay many of our concerns. A major and controversial concern that requires additional discussion is safeguarding the confidentiality of private medical information.
Expectations of Privacy and Private Medical Information
According to attorney and privacy law specialist, Ronald B. Standler, “Privacy is the expectation that confidential personal information disclosed in a private place will not be disclosed to third parties, when that disclosure would cause either embarrassment or emotional distress to a person of reasonable sensitivities” (Standler, 1997). Another theorist, Ruth Gavison, defines privacy as “the limitation of others’ access to an individual with three key elements: secrecy, anonymity, and solitude.” Secrecy or confidentiality deals with the limits of sharing knowledge of oneself. Anonymity deals with unwanted attention solitude refers to being apart from others (Spinello, 2003). Basically, we want to protect the integrity of who we are, what we do, and where we do it. Regardless of our definition, the right of privacy usually concerns individuals who are in a place reasonably expected to be private. Information that is public record, or voluntarily disclosed in a public place, is not protected.
The open architecture of the modern phenomenon that we call the Internet raises very unique ethical concerns regarding privacy. Information is sent effortlessly over this vast global network without boundaries. Personal information may pass through many different servers on the way to a final destination. There are virtually no online activities or services that guarantee absolute privacy. It is quite easy to be lulled into thinking your activity is private when actually many of these computer systems can capture and store this personal information and actually monitor your online activity (Privacy Rights Clearinghouse, 2006). The Net’s underlying architecture is designed to share information and not to conceal or protect it. Even though it is possible to develop an adequate level of security, with an acceptable risk level, it is at enormous cost and considerable time.
Medical records are among the most personal forms of information about an individual and may contain medical history, lifestyle details (such as smoking or participation in high-risk sports), test results, medications, allergies, operations and procedures, genetic testing, and participation in research projects.The protection of this private medical information falls under the area of medical ethics. The realm of medical ethics is to analyze and resolve ethical dilemmas that arise in medical practice and biomedical research. Medical ethics is guided by strict principles or standards that address: Autonomy, Beneficence, Nonmaleficence, Fidelity, and Justice (Spinello, 2003). The principle of Autonomy includes a person’s right to be fully informed of all pertinent information related to his/her healthcare. A discussion of medical ethical principles and patient rights leads us to further discuss legislation designed to maintain and protect these cherished rights.
Access to Private Medical Information and the Health Insurance Portability and Accountability Act of 1996
Since 400 B.C. and the creation of the Hippocratic Oath, protecting the privacy of patient medical information has been an important part of the physician’ code of conduct. Unfortunately, many organizations and individuals not subject to this strict code of conduct are increasingly requesting this private information.Every time a patient sees a doctor, is admitted to a hospital, goes to a pharmacist, or sends a claim to a healthcare plan, a record is made of their confidential health information. In the past, all healthcare providers protected the confidentiality of medical records by locking them away in file cabinets and refusing to reveal them to anyone else. Today, we rely on “protected” electronic records and a complicated series of laws to maintain our confidential and private medical records.
Congress duly recognized the need for national patient record privacy standards in 1996 when they enacted the Health Insurance Portability and Accountability Act HIPAA). This act was effective April 14, 2003 (small health plans implementation date was April 14, 2004) and was meant to improve the efficiency and effectiveness of the nation’s healthcare system. For the first time, federal law established standards for patient medical record access and privacy in all 50 states. The act includes provisions designed to save money for health care businesses by encouraging electronic transactions, but it also required new safeguards to protect the security and confidentiality of that information (Diversified Radiology of Colorado, 2002).
There are three essential parts to HIPAA: Privacy, Code Sets, and Security. The Security section is further subdivided into four parts: Administrative Procedures, Physical Safeguards, Technical Security Services (covering “data at rest”), and Technical Security Mechanisms (covering “data in transmission”).
PRIVACY:
The intent of the HIPAA regulations is to protect patients’ privacy and allow patients greater access to their medical records. The Act specifically addresses patients’ Protected Health Information (PHI) and provides patients with greater access to and modification of their medical records. Prior to providing patient services, the Covered Entity must first receive the patient’s consent to share PHI with such organizations as the insurance billing company, the billing office, and physicians to which the patient may be referred. Individuals must be able to access their records, request correction of errors, and they must be informed of how their personal information will be used. Individuals are also entitled to file formal privacy-related complaints to the Department of Health and Human Services (HHS) Office for Civil Rights.
CODE SETS:
Under HIPAA, codes are standardized to improve safety and security of health information. According to these new standards, a code set is any set of codes used for encoding data elements, such as tables of terms, medical diagnosis codes, procedure codes, etc.
SECURITY:
The security section is divided into four major parts:
1. Administrative, which requires documented formal practices, the execution of security measures to protect data, policies and procedures regulating conduct of personnel in protecting data, security training, incident procedures, and termination policies.
2. Physical Safeguards relate to the protection of physical computer systems, network safeguards, environmental hazards, and physical intrusion. One must consider computer screen placement, pass code protection, and computer locks to control access to medical information.
3. Technical Security Services refers to PHI stored on the computer network and how it is securely stored and accessed. Those using the PHI must be logged on and authenticated. An audit trail of authenticated access will be maintained for 6 years.
4. Technical Security Mechanisms refers to PHI transmitted over a communication network such as the Internet, frame relay, VPN, private line, or other network. PHI transmitted over a communication network must be encrypted.
There are also some noticeable shortcomings to HIPAA. The act did little to actually make health insurance more “portable” when an employee changes employers. Also, the Act did not significantly increase the health insurers’ accountability for wrongdoing with provisions that are often difficult to monitor and enforce. There is also much confusion for patients, as well as healthcare providers, in regard to the interpretation of the act (Diversified Radiology of Colorado, 2002).
Other Laws, Regulations, and Decisions Regarding Private Medical Information
Besides HIPAA, there are important state regulations and laws, and federal laws and legal decisions, concerning the privacy and confidentiality of medical information (Clifford, 1999):
The Privacy Act of 1974 limits governmental agencies from sharing medical information from one agency to another. Congress declared hat “the privacy of an individual is directly affected by the collection, maintenance, use and dissemination of personal information …,” and that “the right to privacy is a personal and fundamental right protected by the Constitution of the United States …” (Parmet, 2002).
The Alcohol and Drug Abuse Act, passed in 1988, establishes confidentiality for records of patients treated for alcohol or drug abuse (only if they are treated in institutions that receive federal funding).
The Americans with Disabilities Act, passed in 1990, prohibits employers from making employment-related decisions based on a real or perceived disability, including mental disabilities. Employers may still have access to identifiable health information about employees for reasonable business needs including determining reasonable accommodations for disabled workers and for addressing workers compensation claims.
Supreme Court decision in Jaffee v. Redmond: On June 13, 1996, the Court ruled that there is a broad federal privilege protecting the confidentiality of communication between psychotherapists and their clients. The ruling applies to psychiatrists, psychologists and social workers.
Freedom and Privacy Restoration Act of 1999: Designed to prohibit the creation of government unique medical ID numbers.
Managed Care and Cyber Threats to Private Medical Information
The introduction of the Internet and the advances in telecommunications technology over the last two decades allows us to access vast amounts of medical information, regardless of time, distance, or remoteness, with relative ease. This cyber access to medical information has profoundly changed how healthcare providers treat patients and offer advice. No longer are there barriers to the efficient exchange of health information and critical life-saving medical information. In addition to the many benefits of cyber access to medical information, there are also serious threats to our personal privacy and our medical information.
The intense interest for the protection and privacy of medical information is driven by two major developments. The first is the growth of electronic medical record keeping that has replaced paper records. A report from the National Academy of Sciences states that the healthcare industry spent between $10 and $15 billion on information technology in 1996 (Mehlman, 1999). This was the year that the Health Insurance Portability and Accountability Act was passed with most of the expenditure attributed to converting hard-copy information to electronic formats.Electronic medical records (EMRs) present a significant threat to maintaining the privacy of patient-identifiable medical information. This medical information can be retrieved instantaneously by anyone with access and passwords. Although hard-copy medical information can be easily copied, electronic records are much more easily copied and transmitted without boundaries.
The second major development that concerns the privacy of patient information is the overall growth of managed care organizations. There is a demand for an unprecedented depth and breath of personal medical information by an increasing number of players. In contrast to traditional fee-for-service healthcare, the provider of care and the insurer can be the same entity. In this situation, any medical information in the possession of the provider is also known to the insurer. This is common in all forms of managed care, but most evident in closed-panel HMOs. This sharing of information increases the fear that the insurer may use the data to limit benefits or terminate insurance coverage (Mehlman, 1999).
Some managed care companies are reporting private medical information to an extreme in requiring providers to report to case managers within twenty-four hours any case that is considered a high risk potential for the client, a second party, the employer, or the managed care company. Examples include such things as possible danger to self or others, suspected child abuse, potential threats to national security or the client organization, client’s request for records, complaint about Employee Assistance Program services or threat of a lawsuit, and potential involvement in litigation including confession or knowledge of criminal activity. No mention is made concerning client privacy or rights regarding the release of this information. Nothing is also said about what will be done with the information that is shared (Clifford, 1999).
Another issue with managed care companies is the large volume of data processed and the carelessness in handling medical information. A salient example deals with lost records as noted in a 1993 survey sample of San Francisco Bay Area psychologists. In this survey, 59% of reports were mailed or faxed to wrong persons, charts accidentally switched, or proper authorization not obtained (Clifford, 1999).
Maintaining and Protecting Electronic Private Medical Information
In order to maintain and protect valued private medical information, we must always be vigilant and proactive. Basic steps can be taken prior to using electronic information sharing. For example, when signing a “Release of Information” form, read everything carefully. If not clearly understood, ask questions. Also, remember that HIPAA grants you the right to request that your healthcare provider restrict the use or disclosure of your medical information. Make sure those who ask for information are properly identified and authorized to collect this information. Finally, make sure that the person collecting information uses at least two “identifiers” to ensure proper identification of patient (e.g. name, last four of social security number, address, telephone, number, birth date etc.
When dealing with electronic and computerized medical information, the situation gets more tenuous and much more complex. Secure networks and websites, passwords, firewalls, and anti-virus software, are unquestionably the first steps in a plan of protection. Passwords must be complex, using numbers, letters, and cases, yet also easily remembered. To maintain security, experts suggest that passwords be changed every 90 days or if they are believed to be compromised. In addition, any private medical information sent on the NET or non-secure networks should be encrypted. Encryption (64 or 128 bit) is translating information into a secret code where a key or password is required to read the information.
Further security is provided by using privacy enhancing P3P frameworks, filtering software (e.g. MIMESweeper), message authentication codes “(MACs), and “digital signatures.” The Platform for Privacy Preferences Project (P3P) is a technological framework that uses a set of user-defined standards to negotiate with websites regarding how that user’s information will be used and disseminated to third parties (Spinello, 2003). This P3P architecture helps define and improve cyberethics, improves accessibility, improves consistency, and increases the overall trust in using cyberspace. MACs utilize a common key that generates and verifies a message whereas digital signatures generally use two complementary algorithms – one for signing and the other for verification.
There has also some creative technology proposed for maintaining and protecting private medical information. In October 2004, the “VeriChip” was approved by the FDA for implantation into the triceps of patients. The chip is about the size of a grain of rice and is inserted under the skin during a 20-minute procedure. This invisible chip stores a code that can scanned to further release a patient’s private medical information. This code is then used to download encrypted medical information. The procedure cost is about $150-200 (MSNBC, 2004).
Another more commonly used medical information tool is the “smart card,” a credit card sized device with a small-embedded computer chip. This “computer in a card” can be programmed to perform tasks and store important information. During an emergency, paramedics and emergency rooms equipped with smart card readers can rapidly access potentially life-saving information about a patient, such as allergies to medication, and chronic medical conditions. There are different types of smart cards: memory cards, processor cards, electronic purse cards, security cards, and JavaCards. These cards are tamper-resistant, can be PIN protected or read-write protected, can be encrypted, and can be easily updated. These unique features make smart cards advantageous for storing personal medical information and are popular throughout the world. In Germany and Austria, 80 million people have the capability of using these smart cards when they visit their doctor (Cagliostro, 1999).
There is also a recent proposed government plan to create a national system of electronic health records (EHRs). Details include the building of a National Health Information Network that will electronically connect all patients’ medical records to providers, insures, pharmacies, labs, and claim processors. The sharing of vital information could improve patient care, include more accurate and timely substantiation of claims, and be an asset to public health in emergencies. The goal is to have it operational by 2009. Even with laudatory goals of saving money, making medical care more efficient, and decreasing drug reactions and interactions, there are still inherent dangers to this national plan. There are valid concerns that pharmaceutical companies may attempt to market a new drug or device for your specific medical condition. There are also strong worries of exploitation and abuse of personal data. Who will monitor access to the information? There are also concerns that lenders or employers may rely on private medical information to make business decisions. Then there is always the ever present fear of hackers and pranksters retrieving your personal information. There are still so many questions unanswered (Consumer Reports.org, 2006).
In conclusion, we are now stuck with a “Cyberspace Monster” and all of its advantages and shortcomings. When we use cyberspace, we can have no expectations of privacy and we must accept a level of risk. Therefore, when transmitting and sharing private medical information, we must be always aware to take precautions in safeguarding our privacy as much as possible by using secure networks, P3P architecture, passwords, firewalls, encryption, message codes, digital signatures, and devices like smart cards and “VeriChips.” Medical records are among the most personal forms of information about an individual, but we are challenged to find a balance between society’s interest in protecting medical confidentiality and the legitimate need for timely access to critical medical information especially with fears of influenza pandemics and bioterrorism. When this information is transferred into electronic format, we have heightened concerns about maintaining and protecting this private data. With managed care, there is a demand for an unprecedented depth and breath of personal medical information by an increasing number of players. While the HIPAA provisions are a welcomed start in protecting our private medical information, we must remain vigilant of the ever increasing need to protect this special information.
References:
Cagliostro, C. (1999) Smart card primer.
Clifford, R. (1999) Confidentiality of records and managed care legal and ethical issues.
Consumer Reports.org (2006). The new threat to your medical privacy.
Diversified Radiology of Colorado (2002) History: HIPAA general information.
Mehlman, M. J. (1999) Emerging issues: the privacy of medical records.
MSNBC (2004) FDA approves computer chip for humans.
Parmet, W. E. (2002) Public health protection and privacy of medical records.
Privacy Rights Clearinghouse (2006) Internet privacy resources.
Spinello, R. A. (2003) CyberEthics: Morality and law in cyberspace. Jones and Bartlett Publishers, Sudbury, MA
Standler, R. B. (1997) Privacy law in the USA.
Knowledge Mapping
This module focuses on the basics of Knowledge Mapping, its importance, principles, and methodologies.
Key Questions
What is K-map?
What does the K-map show, and what do we map?
Why is K-mapping so important?
What are some of the key principles, methodologies, and questions for K-mapping?
How do we create K-map?
Background
Each of the past centuries has been dominated by single technology. The eighteenth century was the time of the great mechanical systems accompanying the Industrial Revolution. The nineteenth century was the age of steam engine. After these, the key technology has been information gathering, processing and distribution. Among other developments, the installation of world wide telephone networks, the invention of radio and television, the birth and unprecedented growth of the computer industry and the launching of communication satellites are significant. Now people started to think that only information is not enough, what matters is Knowledge. So there has been seen shift from Information to Knowledge.
A bit of information without context and interpretation is data such as numbers, symbols.
Information is a set of data with context and interpretation. Information is the basis for knowledge.
Knowledge is a set of data and information, to which is added expert opinion and experience, to result in a valuable asset which can be used or applied to aid decision making. Knowledge may be explicit and/or tacit, individual and/or collective.
The term -Knowledge Mapping- seems to be relatively new, but it is not. We have been practising this in our everyday life, just what we are not doing is – we are not documenting it, and we are not doing it in a systematic way. Knowledge Mapping is all about keeping a record of information and knowledge you need such as where you can get it from, who holds it, whose expertise is it, and so on. Say, you need to find something at your home or in your room, you can find it in no time because you have almost all the information/knowledge about -what is where- and -who knows what- at your home. It is a sort of map set in your mind about your home. But, to set such a map about your organisation and organisational knowledge in your mind is almost impossible. This is where K-map becomes handy and shows details of every bit of knowledge that exists within the organisation including location, quality, and accessibility; and knowledge required to run the organisation smoothly – hence making you able to find out your required knowledge easily and efficiently.
Below are some of the definitions:
It’s an ongoing quest within an organization (including its supply and customer chain) to help discover the location, ownership, value and use of knowledge artifacts, to learn the roles and expertise of people, to identify constraints to the flow of knowledge, and to highlight opportunities to leverage existing knowledge.
Knowledge mapping is an important practice consisting of survey, audit, and synthesis. It aims to track the acquisition and loss of information and knowledge. It explores personal and group competencies and proficiencies. It illustrates or “maps” how knowledge flows throughout an organization. Knowledge mapping helps an organization to appreciate how the loss of staff influences intellectual capital, to assist with the selection of teams, and to match technology to knowledge needs and processes.
- Denham Grey
Knowledge mapping is about making knowledge that is available within an organisation transparent, and is about providing the insights into its quality.
- Willem-Olaf Huijsen, Samuel J. Driessen, Jan W. M. Jacobs
Knowledge mapping is a process by which organisations can identify and categorise knowledge assets within their organisation – people, processes, content, and technology. It allows an organisation to fully leverage the existing expertise resident in the organisation, as well as identify barriers and constraints to fulfilling strategic goals and objectives. It is constructing a roadmap to locate the information needed to make the best use of resourses, independent of source or form.
-W. Vestal, APQC, 2002
(American Productivity & Quality Center)
Knowledge Map describes what knowledge is used in a process, and how it flows around the process. It is the basis for determining knowledge commonality, or areas where similar knowledge is used across multiple process. Fundamentally, a process knowledge map cntains information about the organisation?s knowledge. It describes who has what knowledge (tacit), where the knowledge resides (infrastructure), and how the knowledge is transferred or disseminated (social).
-IBM Global Services
How are the Knowledge Maps created?
Knowledge maps are created by transferring tacit and explicit knowledge into graphical formats that are easy to understand and interpret by the end users, who may be managers, experts, system developers, or anybody.
Basic steps in creating K-maps:
Basic steps – creating K-maps for specific task
The outcomes of the entire process, and their contributions to the key organisational activities
Logical sequences of all the activities needed to achieve the goal
Knowledge required for each activity {gives the knowledge gap}
Human resource required to undertake each activity {shows if recruitment is needed}
What do we map?
The followings are the objects we map:
Explicit knowledge
subject
purpose
location
format
ownership
users
access right
Tacit knowledge
expertise
skill
experience
location
accessibility
contact address
relationships/networks
Tacit organisational process knowledge
the people with the internal processing knowledge
Explicit organisational process knowledge
codified organisational process knowledge
What do the knowledge maps show?
Knowledge map shows the sources, flows, constraints, and sinks of knowledge within an organisation. It is a navigational aid to both explicit information and tacit knowledge, showing the importance and the relationships between knowledge stores and the dynamics. The following list will be more illustrative in this regard:
Available knowledge resources
Knowledge clusters and communities
Who uses what knowledge resources
The paths of knowledge exchange
The knowledge lifecycle
What we know we don?t know (knowledge gap)
Activity: 1
>> Can you create your personal knowledge map which shows the types and location of knowledge resources you use, the channels you use to access knowledge?
Where does knowledge reside?
Knowledge can be found in
Correspondents, internal documents
Library
Archives (past project documents, proposals)
Meetings
Best practices
Experience
Corporate memory
Activity: 2
>> What are the other places where you can find knowledge?
What are the other things to be mapped?
Benefits of K-mapping
In many organisations there is a lack of transparency of organisation wide knowledge. Valuable knowledge is often not used because people do not know it exists, even if they know the knowledge exists, they may not know where. These issues lead to the knowledge mapping. Followings are some of the key reasons for doing the knowledge mapping:
to find key sources of knowledge creation
to encourage reuse and prevent reinvention
to find critical information quickly
to highlight islands of expertise
to provide an inventory and evaluation of intellectual and intangible assets
to improve decision making and problem solving by providing applicable information
to provide insights into corporate knowledge
The map also serves as the continuously evolving organisational memory, capturing and integrating the key knowledge of an organisation. It enables employees learning through intuitive navigation and interrogation of the information in the map, and through the creation of new knowledge through the discovery of new relationships. Simply speaking, K-map gives employees not only -know what-, but also -know how-.
Key principles of Knowledge Mapping
Because of their power, scope, and impact, the creation of organisational-level knowledge map requires senior management support as well as careful planning
Share your knowledge about identifying, finding, and tracking knowledge in all forms
Recognise and locate knowledge in a wide variety of forms: tacit, explicit, formal, informal, codified, personalised, internal, external, and permanent
Knowledge is found in processes, relationships, policies, people, documents, conversations, links and context, and even with partners
It should be up-to-date and accurate
K-mapping – key questions
Knowledge map provides an assessment of existing and required knowledge and information in the following categories:
What knowledge is needed for work?
Who needs what?
Who has it?
Where does it reside?
Is the knowledge tacit or explicit?
What issues does it address?
How to make sure that the K-mapping will be used in an organisation?
Note:
K-maps should be easily accessible to all in the organisation
It should be easy to understand, update and evolve
It should be updated regularly
It should be an ongoing process since knowledge landscapes are continuously shifting and evolving
Offline Readings:
K-mapping tools
K-mapping tool selection
Creating knowledge maps by exploiting dependent relationships
Creating knowledge structure map?
White pages
KM jargon and glossary
Online Resource: http://www..voght.com/cgi-bin/pywiki?KnowledgeMapping
K-mapping Tools:
MindMapping
Inspiration
IHMC (cmap.ihmc.us/) (need to have.NET Framework and JavaRunTime installed in your computer)
(Learn more about KM tool selection at http://www.voght.com/cgi-bin/pywiki?KmToolSelection )
________________________________________
Categorised K-mapping
Social Network Mapping:
This shows networks of knowledge and patterns of interaction among members, groups, organisations, and other social entities who knows who, who goes to whom for help and advice, where the information enters and leaves the groups or organisation, which forums and communities of practice are operational and generating new knowledge.
Competency Mapping:
With this kind of mapping, one can create a competency profile with skill, positions, and even career path of an individual. And, this can also be converted into the?organisational yellow pages? which enables employees to find needed expertise in people within the organisation.
Process-based Knowledge Mapping:
This shows knowledge and sources of knowledge for internal as well as external organisational processes and procedures. This includes tacit knowledge (knowledge in people such as know-how, and experience) and explicit knowledge (codified knowledge such as that in document).
Conceptual Knowledge Mapping:
Also sometimes called -taxonomy-, it is a method of hierarchically organising and classifying content. This involves in labelling pieces of knowledge and relationships between them. A concept can be defined as any unit of thought, any idea that forms in our mind [Gertner, 1978]. Often, nouns are used to refer to concepts [Roche, 2002]. Relations form a special class of concepts [Sowa, 1984]: they describe connections between other concepts. One of the most important relations between concepts is the hierarchical relation (subsumption), in which one concept (superconcept) is more general than another concept (subconcept) like Natural Resource Management and Watershed Management. This mapping should be able to relate similar kind of projects and workshops conducting/conducted by two different departments, making them more integrated.
Knowledge is power, broadly accessible, understandable, and shared knowledge is even more powerful!
Bankruptcy and IRS Collections – How to Beat the System
You’re in serious debt. You owe a number of creditors and have no hope of paying them. The worst part is one of your creditors is the most powerful collection agency in America…the Internal Revenue Service.
A fateful decision…You’ve decided to declare bankruptcy, and while going through your creditors you wonder if the IRS can be included. The IRS has a number of rules and restrictions on including an IRS debt in a bankruptcy. Not only that, but you’re not completely free of IRS collection actions while you’re in bankruptcy.
Let’s go through the life cycle of an IRS debt and a bankruptcy:
Can you include your IRS debt in a bankruptcy? Yes, but your debt has to meet 3 standards. If it doesn’t meet even one of them then you’ve got to figure out another way to pay the debt. The 3 standards are:
1. You can not include any tax debt that is less than 3 years old. So if your tax debt is from last year it can’t be included.
2. You can not have any unfiled tax returns.
3. You can not have any tax returns that were audited because you committed tax fraud.
One down…Let’s say that your IRS debt meets the requirements and you can include it in your bankruptcy; now what? The IRS can’t take any collection action against you while you’re in bankruptcy under the Automatic Stay of Collections.
There is a loophole for the IRS if you’re a serial bankruptcy filer. If you’ve filed bankruptcy and it had been dismissed within the last year the IRS only has to abide by the Automatic Stay for 30 days. If you’ve filed two bankruptcies then the IRS can ignore the Automatic Stay.
Do they ever quit? While the IRS can’t collect from you here’s what they can do: The IRS can perform an audit to determine your tax debt amount. The IRS can send you an annual notice stating your debt amount. The IRS can take any tax refund you would have due and apply it to your debt, or if you have a trustee handling your bankruptcy the refund goes to them to be distributed to your creditors.
An end in sight…What happens to your IRS tax debt after the bankruptcy is discharged. If your tax debt was included and discharged then the debt is non collectible. But wait; remember those 3 standards for including a debt in bankruptcy. Any tax debt that happened because of one or all of those reasons is still eligible for collections. In addition interest and penalties have accrued on that portion of the debt during the time you were in bankruptcy.
The IRS and bankruptcy do not go together, but if you know your rights you can make the decision you need about your debts and be able to get your life back on track.
Now you have the smoking gun…Use it!
Energy Defined as The Ability to Do Work
In the world of physics energy is often defined as the ability to do work. For instance the energy of the wind that moves a windmill might create electricity or through a process of gears it might turn a pump for water. A car engine on the other hand will turn a set of gears in a transmission which then turns the tires and makes the car go. We call this energy horsepower and that’s how we measure it; horsepower is the ability to do work and it is a measurement stick.
Is there an energy which cannot be defined by its ability to do work? It is hard to say because as soon as you make a statement of a type of energy and its how it does no work someone else can come up with what that energy is doing thus figure out how it can be measured. The human body burns calories and that allows it to do work.
The human brain uses that the energy and it can think, is that work? The amount of energy the human brain uses in the amount of work it’s able to do varies from person to person; same with someone’s physical ability.
In this case you might say that the human brain is a force multiplier, as it is able to figure out an easier way to do work, saving energy and making other energies more efficient and effective. Thus it is really worth what you put into it. So, feed your body good stuff and use your brain to the best of your ability.
If you take a strong man and give him a banana he may be able to shovel twice as much snow as a small skinny person who also eats the same banana but has a higher metabolism. The problem with defining energy as its ability to do work is that it cannot always be measured and even if we come up with a measurement the conversion rates of energy to work will vary from machine to machine or from human to human.
We have often heard in Communism that people should have equal pay for equal work. But how could we measure the work and no two humans are equal in their ability to do work. If we use methods of piecemeal work like Friedrich Winslow Taylor or JD Rockefeller this is a better measurement. But that would be capitalism not Communism.
In Communism everyone does the best they can or puts in their time and expects that to be good enough. Unfortunately that does not provide the incentive needed to be efficient. Thus communism is a poor method when applied to humans to fully utilize the bio-system, brain or take advantage of the force multiplier.
Defining energy as the ability to work is irrelevant without the efficiency quotient attached. Without trampling on the world of physics or the academia sciences we must never forget that not all things can be measured in such a simplistic way because all things are not equal; they never have been and they never will be. Everything is not as it seems.