About science Overview Of Scientific Equipment

Scientific Equipment, as the word suggests, are scientifically/specially designed artifacts, that are instrumental in carrying out scientific experiments, taking measurements and gathering data. If you have ever been to a scientific equipment manufacturers , you might have noticed the plethora intricate machines, apparatus, and sophisticated devices that are used by the scientists while working. Although scientific equipment are a part of laboratory instruments, they, in general are, more sophisticated more specialized than the latter. They usually incorporate computing technology to improve and simplify control, enhance and extend instrumental functions, conditions, parameter adjustments and data sampling, collection, resolution, analysis (both during and post-process), storage and retrieval. A few Scientific Equipment are discussed below: Microscope: Microscopes are probably the most common scientific equipment and are used to observe microorganisms, objects that are far too small for the naked eye.The word Microscope comes from the Greek word mikrs, meaning small and skopen, "to look" or "see". The origin of the microscope can be traced back to the late 16th century, to Hans Lippershey and Zacharias Janssen, two glass makers from Middelburg, Netherlands. Although the optical microscope is the most commonly used and the first to be invented, there exist numerous different kinds today. A typical optical microscope contains one or more lenses and uses light to form an enlarged image of a sample placed in the focal plane. Optical microscopes have refractive glass and occasionally of plastic or quartz, to focus light into the eye or another light detector. Spectrometer: A Spectrometer is a scientific instruments manufacturers used to measure light across a spectrum. It functions by splitting the light collected by a telescope into all its colors, which allows scientists and astronomers see the details in the light from space. By measuring what specific parts of the spectrum are bright or dim, analysis of the light can be done, and this can tell us a good deal about the source of the light. Spectrometer operate over a very wide range of wavelengths, from gamma rays and X-rays into the far infrared. A few different types of spectrometers are Prism Spectrometer, Mass spectrometer, UV Spectrometer, Optical spectrometer, Grating Spectrometer, Color Spectrometer, Infrared Spectrometer, Raman Spectrometer. Operant Conditioning Chambers: The operant conditioning chamber is also called a Skinner box. This equipment was made by B.F. Skinner while he was studying at Harvard University. This type of laboratory equipment is primarily used for studying and analyzing the behavior of the animals. The device is used to study both classical conditioning and operant conditioning. Telescope: The telescope is an Scientific Equipment used to observe distant objects by electromagnatic radiation. Although Galilio is often credited for inventing the telescope, history documents that telescopes were used even in the early 16th century in Netherlands. In the early part telescopes used glass lenses and mirrors but with the advent of newer technology, radio telescope and infrared telescopes came into being. In contemporary times, the word telescope now refers to a wide range of instruments detecting different regions of the electromagnetic spectrum, and in some cases

About sports Take A Step To Join Crowd of 2012 Olympic

The 2012 Olympics will be held in London from 27th July to 12 August 2012. Several new facilities are

Olympic committee and many new plans for regeneration of Stratford and Lower Lea Valley. The games will start with demonstration oftorch relay in May and going through September
offered by London 9. It has estimated that approximately 205 nations will be participated in olympic games 2012, in which 144 are qualified. Estimated 10,500 athletes will participate in this mega event. Total of 26 sports and 38 disciplines will be played along with 302 events. It is expected that the Olympic Games carry several benefits to London as well as whole UK. In the city, most places have faced to lots changes and development and also give some modernization to venue and stadium where event will be happen. The games will take place with regular events like Wimbledon and Notting hill parade show and also other events. The Olympic Games opening ceremony will take place on July 27 and continues during twelve days and it also expected that huge visitors will come to London to enjoy events. The olympic games 2012 london will be third times that hosted by city after 1908 and 1948. London is only city of UK to host the Olympic. The aim of sports is to spread harmony and peace all over the world. The city has previously begun to gear up for accommodating observers who will come to London during sporting event. Various accommodation as luxury hotels to budget beds are available in the city. The London Olympichas faced many construction for redevelopment of venue, stadium and many accommodation places. The venues are pre-described all over London with many popular locations such as Hyde Park, Greenwich Park etc. Olympic Games Dates The olympic games will be start with best athletes competitions for six gold medals in the disciplines of dressage and show jumping that will be held at the venue of Greenwich Park. The ticket selling of every event will go on March 15 that has announced by Olympic officials. Only six weeks will be given to sports fans for booking ticket. The price of tickets starts from 20 and maximum ticket price are announced as 2012. More than 58000 tickets will be available for initial ticket booking session for more than 650 sporting session. If you want to enjoy the every events of Olympic, you must book olympic games tickets from its official website or you can get ticket from other authorized center. Just books tickets for watching the events of your favorite sports person. Third times held in London, the Olympic Games will start from 27th July to 12th August. It will be twelve days events and there will 302 sporting events happen during this mega sports period. Individual can find olympic games schedule for every events. The opening ceremony will be happen on July 27 and closing ceremony will be on August 12. Booking dates of tickets are also announced by Olympic officials. You can book ticket to enjoy every events of Olympic of your favorite star. If you want to get full schedule of Olympic, you must visit our web portal which make you friendly with time and dates for any particular events.

Young minds for Martial Arts: For Kids Also

When I was a boy I always loved getting together with my grandma and grandpa, they were amazing individuals from an older approach. As soon as my grandmother would see me coming he would place out his hands for a hug. Soon after that hed place up his fists. It might seem unusual to a lot of individuals, battling your grandmother before being permitted into his house, but it was not an act of anger or malice. The old man basically wanted to see how my skills were advancing. He encased his granddaughters too. He considered it was never too beginning to begin a kid's instructions in the battling techniques. There are so many benefits of this sort of exercising and self-discipline. It has

been shown to improve conduct, educational efficiency, social progression, and actual progression of kids. But most of all, it significantly helps their chances of success and protection in any regrettable situation that might happen. Martial discipline needs a complete exercise and anaerobic workout which helps kids launch excess energy and keep their mind biochemistry sensible. Over-diagnosed conditions like ADHD are often not the terrible devastating genetic problems that slothful university moderators and well clothed tablet pushers often claim that they are. In many studies conducted on kids identified with ADHD it was found that making changes in kid's diet and including actions like Jiu-Jitsu or other battling technique exercising is often more effective than drugs. And it is so much better. One of the big issues a lot of modern kids have is a lack of actual activity; no one goes to the park to perform ball nowadays, they perform at home on the gaming system. If a kid is tired there is no need to imagine an action or move around to find one, they can basically swap on the television. This has lead to an ever growing pattern of kids, youth diabetic issues and behavior issues starting themselves at university. A few hours a day, a couple days a week, is all it takes to begin treating these negative habits that so many kids are creating and often sustain until later in life. By starting health and battling techniques education beginning you show kids the value and joy of these actions each period in their life when the tutorial is most likely to be taken to heart. The historical Greeks trained that a sensible thoughts populated health, but they just didn't really need to do that. Its kind of apparent. By keeping a routine of physical health such as battling techniques exercising a kid's persona create in a sensible way, as they would in a more natural setting. The kid also understands to sustain long run concentrate to experience objectives, a very useful and often forgotten life skill that will help them exceed to the very best of their capabilities in university. By finding a safe and trusted university like High Performance Martial

Martial arts in Keller,

Arizona, will you can give your kid the health and concentrate to be successful in university and life while also helping ensure their protection by enabling them to study an historical combative art such as

Jiu-Jitsu.

Computer Virus
n 1983, Fred Cohen coined the term computer virus, postulating a virus was "a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself. The term virus is actually an acronym for Vital Information Resources Under Seize. Mr. Cohen expanded his definition a year later in his 1984 paper, A Computer Virus, noting that a virus can spread throughout a computer system or network using the authorizations of every user using it to infect their programs. Every program that gets infected may also act as a virus and thus the infection grows. Computer viruses, as we know them now, originated in 1986 with the creation of Brain - the first virus for personal computers. Two brothers wrote it (Basid and Farooq Alvi who ran a small software house in Lahore, Pakistan) and started the race between viruses and anti-virus programs which still goes on today. Using the above explanation, it can be said that viruses infect program files. However, viruses can also infect certain types of data files, specifically those types of data files that support executable content, for example, files created in Microsoft Office programs that rely on macros. Compounding the definition difficulty, viruses also exist that demonstrate a similar ability to infect data files that don't typically support executable content - for example, Adobe PDF files, widely used

for document sharing, and .JPG image files. However, in both cases, the respective virus has a dependency on an outside executable and thus neither virus can be considered more than a simple proof of concept. In other cases, the data files themselves may not be infectable, but can allow for the introduction of viral code. Specifically, vulnerabilities in certain products can allow data files to be manipulated in such a way that it will cause the host program to become unstable, after which malicious code can be introduced to the system. These examples are given simply to note that viruses no longer relegate themselves to simply infecting program files, as was the case when Mr. Cohen first defined the term. Thus, to simplify and modernize, it can be safely stated that a virus infects other files, whether program or data. Computer viruses are called viruses because they share some of the traits of biological viruses. A computer virus passes from computer to computer like a biological virus passes from person to person. There are similarities at a deeper level, as well. A biological virus is not a living thing. A virus is a fragment of DNA inside a protective jacket. Unlike a cell, a virus has no way to do anything or to reproduce by itself -- it is not alive. Instead, a biological virus must inject its DNA into a cell. The viral DNA then uses the cell's existing machinery to reproduce itself. In some cases, the cell fills with new viral particles until it bursts, releasing the virus. In other cases, the new virus particles bud off the cell one at a time, and the cell remains alive. A computer virus shares some of these traits. A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. Obviously, the analogy between computer and biological viruses stretches things a bit, but there are enough similarities that the name sticks. A computer virus is a program that replicates. To do so, it needs to attach itself to other program files (for example, .exe, .com, .dll) and execute whenever the host program executes. Beyond simple replication, a virus almost always seeks to fulfill another purpose: to cause damage. Called the damage routine, or payload, the destructive portion of a virus can range from overwriting critical information kept on the hard disk's partition table to scrambling the numbers in the spreadsheets to just taunting the user with sounds, pictures, or obnoxious effects. Its worth bearing in mind, however, that even without a damage routine, if viruses are allowed to run unabated then it will continue to propagate--consuming system memory, disk space, slowing network traffic and generally degrading performance. Besides, virus code is often buggy and can also be the source of mysterious system problems that take weeks to understand. So, whether a virus is harmful or not, its presence on the system can lead to instability and should not be tolerated. Some viruses, in conjunction with "logic bombs," do not make their presence known for months. Instead of causing damage right away, these viruses do nothing but replicate--until the preordained trigger day or event when they unleash their damage routines on the host system or across a network. Impact of Viruses on Computer Systems Virus can be reprogrammed to do many kinds of harm including the following. 1.Copy themselves to other programs or areas of a disk. 2.Replicate as rapidly and frequently as possible, filling up the infected systems disk and memory rendering the systems useless. 3.Display information on the screen. 4.Modify, corrupt or destroy selected files. 5.Erase the contents of entire disks. 6.Lie dormant for a specified time or until a given condition is met, and then become active. 7.Open a back door to the infected system that allows someone else to access and even control of the

system through a network or internet connection. 8.Some viruses can crash the system by causing some programs (typically Windows) to behave oddly. How viruses spread from one system to another? The most likely virus entry points are email, Internet and network connections, floppy disk drives, and modems or other serial or parallel port connections. In today's increasingly interconnected workplace (Internet, intranet, shared drives, removable drives, and email), virus outbreaks now can spread faster and wider than ever before. The following are some common ways for a virus to enter the users computer system: Email attachments Malicious scripts in web pages or HTML email FTP traffic from the Internet (file downloads) Shared network files & network traffic in general Demonstration software Pirated software Shrink-wrapped, production programs (rare) Computer labs Electronic bulletin boards (BBS) Diskette swapping (using other peoples diskettes for carrying data and programs back and forth) High risk files The most dangerous files types are: .EXE, .COM, .XLS, .DOC, .MDB Because they don't need any special conversion to infect a computer -- all they've got to do is run and consequently the virus spreads. It has been estimated that 99% of all viruses are written for these file formats. A list of possible virus carriers includes: EXE - (Executable file) SYS - (Executable file) COM - (Executable file) DOC - (Microsoft Word) XLS - (Microsoft Excel) MDB - (Microsoft Access) ZIP - (Compressed file, common in the USA) ARJ - (Compressed file, common in the USA) DRV - (Device driver) BIN - (Common boot sector image file) SCR - (Microsoft screen saver) Common Symptoms Of Virus Infection Computer does not boot.q Computer hard drive space is reduced.q Applications will not load.q An application takes longer to load than normal time period.q Hard dive activity increases especially when nothing is being done onq the computer. An anti virus software message appears.q

The number of hard drive bad sectors steadily increases.q Unusual graphics or messages appear on the screenq Files are missing (deleted)q A message appears that hard drive cannot be detected or recognized.q Strange sounds come fromq the computer. Some viruses take control of the keyboard and occasionally substitute a neighboring key for the one actually pressed. Another virus "swallows" key presses so that nothing appears on the screen.q Also interesting are system time effects. Clocks going backwards are especially frightening for workers who cannot wait to go home. More seriously though, this type of virus can cause chaos for programs which depend on the system time or date.q Some viruses can cost the user dearly by dialing out on his modem. We do not know of one which dials premium telephone numbers but no doubt we shall see one soon. One particularly malicious virus dials 911 (the emergency number in the USA) and takes up the valuable time of the emergency services.q Categories of viruses Depending on the source of information different types of viruses may be categorized in the following ways: PDA VIRUSES The increasing power of PDAs has spawned a new breed of viruses. Maliciously creative programmers have leveraged the PDA's ability to communicate with other devices and run programs, to cause digital mayhem. The blissfully safe world where users of these devices could synchronize and download with impunity came to an end in August 2000 with the discovery of the virus Palm Liberty. Since then, many more viruses have been discovered. Though not yet as harmful as their PC-based cousins, these viruses still pose a threat to unsuspecting users. Their effects vary from the harmless flashing of an unwanted message or an increase in power consumption, to the deletion of all installed programs. But the threat is growing, and the destructiveness of these viruses is expected to parallel the development of the devices they attack. MULTIPARTITE VIRUSES A virus that combines two or more different infection methods is called a multipartite virus. This type of virus can infect both files and boot sector of a disk. Multi-partite viruses share some of the characteristics of boot sector viruses and file viruses: They can infect .com files, .exe files, and the boot sector of the computers hard drive. On a computer booted up with an infected diskette, the typical multi-partite virus will first make itself resident in memory then infect the boot sector of the hard drive. From there, the virus may infect a PC's entire environment. Not many forms of this virus class actually exist. However, they do account for a disproportionately large percentage of all infections. Tequila and Anticad are the examples of multipartite viruses. BOMBS The two most prevalent types of bombs are time bombs and logic bombs. A time bomb hides on the victims disk and waits until a specific date before running. A logic bomb may be activated by a date, a change to a file, or a particular action taken by a user or a program. Bombs are treated as viruses because they can cause damage or disruption to a system. BOOT SECTOR VIRUSES

Until the mid-1990s, boot sector viruses were the most prevalent virus type, spreading primarily in the 16-bit DOS world via floppy disk. Boot sector viruses infect the boot sector on a floppy disk and spread to a user's hard disk, and can also infect the master boot record (MBR) on a user's hard drive. Once the MBR or boot sector on the hard drive is infected, the virus attempts to infect the boot sector of every floppy disk that is inserted into the computer and accessed. Examples of boot sector viruses are Michelangelo, Satria and Keydrop. Boot sector viruses work like this: Let us assume that the user received a diskette with an infected boot sector. The user copied data from it but forgot to remove it from drive A:. When he started the computer next time the boot process will execute the infected boot sector program from the diskette. The virus will load first and infect the hard disk. Note that this can be prevented by changing the boot sequence in CMOS (Let C: drive boot before A:). By hiding on the first sector of a disk, the virus is loaded into memory before the system files are loaded. This allows it to gain complete control of DOS interrupts and in the process replaces the original contents of the MBR or DOS boot sector with their own contents and move the original boot sector data to another area on the disk. Because the virus has infected a system area of the hard disk it will be loaded into memory each time the computer is started. It will first take control of the lowest level disk system services before executing the original boot sector code which it has stored in another part of the hard disk. The computer seems to behave exactly as it should. Nobody will notice the extra few fractions of a second added to the boot sequence. During normal operation the virus will happily stay in memory. Thanks to the fact that it has control of the disk services it can easily monitor requests for disk access - including diskettes. As soon as it gets a request for access to a diskette it will determine that there is a diskette in the floppy drive. It will then examine its boot sector to see if it has already been infected. If it finds the diskette clean it will replace the boot sector with its own code. From this moment the diskette will be a "carrier" and become a medium for infections on other PC's. The virus will also monitor special disk requests for access to the boot sector. The boot sector contains its own code, and a request to read it could be from an anti-virus program checking for virus presence. The virus will not allow the boot sector to be read and will redirect all requests to the place on the hard disk where it has backed up the original contents. In this way nothing unusual is detected. Such methods are called stealth techniques and their main goal is to mask the presence of the virus. Not all boot viruses use stealth but those which do are common. Boot viruses also infect the non-file (system) areas of hard and floppy disks. These areas offer an efficient way for a virus to spread from one computer to another. Boot viruses have achieved a higher degree of success than program viruses in infecting their targets and spreading. Boot virus can infect DOS, Windows 3.x, Windows 95/98, Windows NT, and even Novell Netware systems. This is because they exploit inherent features of the computer (rather than the operating system) to spread and activate. Ads by Google

Cleaning up a boot sector virus can be performed by booting the machine from an uninfected floppy system disk rather than from the hard drive, or by finding the original boot sector and replacing it in the correct location on the disk. CLUSTER VIRUSES This type of virus makes changes to a disks file system. If any program is run from the infected disk, the program causes the virus to run as well. This technique creates the illusion that the virus has

infected every program on the disk. E-MAIL VIRUSES These types of viruses can be transmitted via e-mail messages sent across private networks or the internet. Some e-mail viruses are transmitted as an infected attachment- a document file or program that is attached to the message. This type of virus is run when the victim opens the file that is attached to the message. Other types of email viruses reside within the body of the message itself. To store a virus, the message must be encoded in html format. Once launched many e-mail viruses attempt to spread by sending messages to everyone in the victims address book; each of those contains a copy of the virus. The latest thing in the world of computer viruses is the e-mail virus called Melissa virus which surfaced in March 1999. Melissa spread in Microsoft Word documents sent via e-mail, and it worked like this: Someone created the virus as a Word document uploaded to an Internet newsgroup. Anyone who downloaded the document and opened it would trigger the virus. The virus would then send the document (and therefore itself) in an e-mail message to the first 50 people in the person's address book. The e-mail message contained a friendly note that included the person's name, so the recipient would open the document thinking it was harmless. The virus would then create 50 new messages from the recipient's machine. As a result, the Melissa virus was the fastest-spreading virus ever seen and it forced a number of large companies to shut down their e-mail systems at that time. The ILOVEYOU virus, which appeared on May 4, 2000, was even simpler. It contained a piece of code as an attachment. People who double clicked on the attachment allowed the code to execute. The code sent copies of itself to everyone in the victim's address book and then started corrupting files on the victim's machine. This is as simple as a virus can get. It is really more of a Trojan horse distributed by e-mail than it is a virus. The Melissa virus took advantage of the programming language built into Microsoft Word called VBA, or Visual Basic for Applications. It is a complete programming language and it can be programmed to do things like modify files and send e-mail messages. It also has a useful but dangerous auto-execute feature. A programmer can insert a program into a document that runs instantly whenever the document is opened. This is how the Melissa virus was programmed. Anyone who opened a document infected with Melissa would immediately activate the virus. It would send the 50 e-mails, and then infect a central file called NORMAL.DOT so that any file saved later would also contain the virus! It created a huge mess. FILE INFECTING VIRUSES File infectors operate in memory and usually infect executable files with the following extensions: *.COM, *.EXE, *.DRV, *.DLL, *.BIN, *.OVL, *.SYS. They activate every time the infected file is executed by copying themselves into other executable files and can remain in memory long after the virus has activated. Thousands of different file infecting viruses exist, but similar to boot sector viruses, the vast majority operates in a DOS 16-bit environment. Some, however, have successfully infected the Microsoft Windows, IBM OS/2, and Apple Computer Macintosh environments. File viruses can be separated further into sub-categories by the way they manipulate their targets: TSR FILE VIRUSES A less common type of virus is the terminate-and-stay-resident file virus. As the name suggests these infect files usually these are .com and .exe files. there are however some device driver viruses, some viruses that infect overlay files, and although over 99% of executable programs have the extension .com and .exe, some do not .For a TSR virus to spread some one has to run an infected program. The virus goes memory resident typically looking at each program run thereafter and infects it. Examples of TSR file viruses are Dark Avenger and Green Caterpillar. OVERWRITING VIRUSES

These viruses infect by overwriting part of their target with their own code but, by doing so, they damage the file. The file will never serve another purpose other than spreading the virus further. Because of this they are usually detected quickly and do not spread easily. PARASITIC VIRUSES These viruses attach themselves to executables without substantially changing the contents of the host program. They attach by adding their code to the beginning, end, or even middle of the file and divert program flow so that the virus is executed first. When the virus has finished its job, control is passed on to the host. Execution of the host is a little delayed but this is usually not noticeable. MACRO VIRUSES Many older applications had simple macro systems that allowed the user to record a sequence of operations within the application and associate them with a specific keystroke. Later, the user could perform the same sequence of operations by merely hitting the specified key. Newer applications provide much more complex macro systems. User can write entire macroprograms that run within the word processor or spreadsheet environment and are attached directly onto word processing and spreadsheet files. Unfortunately, this ability also makes it possible to create macro viruses. Macro viruses currently account for about 80 percent of all viruses, according to the International Computer Security Association (ICSA), and are the fastest growing viruses in computer history. Unlike other virus types, macro viruses arent specific to an operating system and spread with ease via email attachments, floppy disks, Web downloads, file transfers, and cooperative applications. Macro viruses are, however, application-specific. A macro virus is designed to infect a specific type of document file, such as Microsoft word or excel files. They infect macro utilities that accompany such applications as Microsoft Word and Excel, which means a Word macro virus cannot infect an Excel document and vice versa. A macro virus is embedded in a document file and can travel between data files in the application and can eventually infect hundreds of files if undeterred and in the process do various levels of damage to data from corrupting documents to deleting data. Macro viruses are written in "every man's programming language" -- Visual Basic -- and are relatively easy to create. They can infect at different points during a file's use, for example, when it is opened, saved, closed, or deleted A typical chronology for macro virus infection begins when an infected document or spreadsheet is loaded. The application also loads any accompanying macros that are attached to the file. If one or more of the macros meet certain criteria, the application will also immediately execute these macros. Macro viruses rely upon this auto-execution capability to gain control of the applications macro system. Once the macro virus has been loaded and executed, it waits for the user to edit a new document, and then kicks into action again. It attaches its virus macro programs onto the new document, and then allows the application to save the document normally. In this fashion, the virus spreads to another file and does so in a completely discrete fashion. Users have no idea of the infection. If this new file is later opened on another computer, the virus will once again load, be launched by the application, and find other unsuspecting files to infect. Finally, as far as a macro virus is concerned, the application serves as the operating system. A single macro virus can spread to any of the platforms on which the application is installed and running. For example, a single macro virus that uses Microsoft Word could conceivably spread to Windows 3.x, Windows 95/98, Window NT, and the Macintosh. Macro viruses for Word In the summer of 1995, Microsoft Word 6 was the first product affected with macro virus. The first one

(WM/Concept.A) was really only a proof of concept - one of the installed macros (called Payload) contained only this remark: That's enough to prove my point Most macro viruses for Word use a feature called 'automacros'. The basic principle is that some macros with special names are automatically executed when Word starts, opens a file, or closes a file. The macro virus then inserts macros into NORMAL.DOT - a standard template which is loaded every time Word starts. In Word there are some ways to disable automacros but this isn't the ultimate solution. Some macro viruses use other methods to take control over the Word environment. Another method of self-protection may be to set NORMAL.DOT to read only. But this can also be bypassed and, in addition, it prevents the user from customizing the template. Macro viruses for Excel Excel has the same opportunities for virus authors as Word. It has automacros and a directory called XLSTART from which templates are automatically loaded. But Excel does not have just normal VBA macros like Word. In Excel there are so called 'formulas' macros stored in spreadsheet cells. The first macro virus using this technology was XF/Paix. Macro viruses for other MS Office products: Writing a macro virus for other Office products is not difficult. There have been already some viruses for Access, and it is expected that there will be macro viruses for Power Point in the near future. But those macro viruses are not as dangerous as the macro viruses for Word or Excel. Not because of some limitation of these other Office products, but because data files from these products are not so frequently shared. There is one danger which can be seen in today's Power Point even without native macro viruses written for this product. Programmers can include in their presentation any number of objects from Excel or Word. And these objects can be infected with macro viruses - if they edit the presentation and open the infected object with its parent application, then the virus can spread further. But the current situation may change dramatically over the next few years. Microsoft has licensed VBA technology to many firms, so one can expect to see more macro viruses for other products, too. POLYMORPHIC VIRUSES This type of virus can change itself each time it is copied, making it difficult to isolate. Most simple viruses attach identical copies of themselves to the files they infect. An anti-virus program can detect the viruss code (or signature) because it is always the same and quickly ferret out the virus. To avoid such easy detection, polymorphic viruses operate somewhat differently. Unlike the simple virus, when a polymorphic virus infects a program, it scrambles its virus code in the program body. This scrambling means that no two infections look the same, making detection more difficult. These viruses create a new decryption routine each time they infect, so every infected file will have a different sequence of virus code. STEALTH VIRUSES Stealth viruses actively seek to conceal themselves from attempts to detect or remove them. They also can conceal changes they make to other files, hiding the damage from the user and the operating system. Stealth viruses, or Interrupt Interceptors, as they are sometimes called, take control of key DOS-level

instructions by intercepting the interrupt table, which is located at the beginning of memory. This gives the virus the ability to do two important things: 1) gain control of the system by re-directing the interrupt calls, and 2) hide itself to prevent detection. They use techniques such as intercepting disk reads to provide an uninfected copy of the original item in place of the infected copy (read-stealthing viruses), altering disk directory or folder data for infected program files (size-stealthing), or both. For example, the Whale virus is a size-stealthing virus. It infects .EXE program files and alters the folder entries of infected files when other programs attempt to read them. The Whale virus adds 9216 bytes to an infected file. Because changes in file size are an indication that a virus might be present, the virus then subtracts the same number of bytes (9216) from the file size given in the directory/folder entry to trick the user into believing that the files size has not changed. An antivirus program which is not equipped with anti-stealth technology will be deceived. COMPANION VIRUSES A companion virus is the exception to the rule that a virus must attach itself to a file. The companion virus instead creates a new file and relies on a behavior of DOS to execute it instead of the program file that is normally executed. These viruses target EXE programs. They create another file of the same name but with a COM extension containing the virus code. These viruses take advantage of a property of MS-DOS which allows files to share the same first name in the same directory (e.g. ABC.EXE and ABC.COM) but executes COM files in preference to EXE files. For example, the companion virus might create a file named CHKDSK.COM and place it in the same directory as CHKDSK.EXE. Whenever DOS must choose between executing two files of the same name where one has an .EXE extension and the other a .COM extension, it executes the .COM file. This is not an effective way of spreading but has one big advantage - it does not amend files in any way and so can escape integrity tests or resident protection. Another method which can be used by companion viruses is based on defined path. A virus simply puts an infected file into the path listed before the directory within the original program. PROGRAM VIRUSES Like normal programs, program viruses must be written for a specific operating system. The vast majority of viruses are written for DOS but some have been written for Windows 3.x, Windows 95/98, and even UNIX. All versions of Windows are compatible with DOS and can host DOS viruses with varying degrees of success. Program viruses infect program files, which commonly have extensions such as .COM, .EXE, .SYS, .DLL, .OVL, or .SCR. Program files are attractive targets for virus writers because they are widely used and have relatively simple formats to which viruses can attach. Malicious Programs and Scripts Viruses that infect agent programs (such as those that download software from the Internet; for example, JAVA and ActiveX). WORM A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. An entire LAN or corporate e-mail system can become totally clogged with copies of a worm, rendering it useless. Worms are commonly spread over the internet via e-mail message attachments and through internet relay chat channels. For example, the Code Red worm replicated itself over 250,000 times in approximately nine hours on July 19, 2001. A worm usually exploits some sort of security hole in a piece of software or the operating system. For

example, the Slammer worm (which caused mayhem in January 2003) exploited a hole in Microsoft's SQL server. Worms use up computer time and network bandwidth when they are replicating, and they often have some sort of evil intent. A worm called Code Red made huge headlines in 2001. Experts predicted that this worm could clog the Internet so effectively that things would completely grind to a halt. The Code Red worm slowed down Internet traffic when it began to replicate itself, but not nearly as badly as predicted. Each copy of the worm scanned the Internet for Windows NT or Windows 2000 servers that do not have the Microsoft security patch installed. Each time it found an unsecured server, the worm copied itself to that server. The new copy then scanned for other servers to infect. Depending on the number of unsecured servers, a worm could conceivably create hundreds of thousands of copies. The Code Red worm was designed to do three things: Replicate itself for the first 20 days of each month Replace Web pages on infected servers with a page that declares "Hacked by Chinese" Launch a concerted attack on the White House Web server in an attempt to overwhelm it The most common version of Code Red is a variation, typically referred to as a mutated strain, of the original Ida Code Red that replicated itself on July 19, 2001. TROJAN HORSES Trojans, another form of malware, are generally agreed upon as doing something other than the user expected, with that something defined as malicious. Most often, Trojans are associated with remote access programs that perform illicit operations such as password-stealing or which allow compromised machines to be used for targeted denial of service attacks. One of the more basic forms of a denial of service (DoS) attack involves flooding a target system with so much data, traffic, or commands that it can no longer perform its core functions. When multiple machines are gathered together to launch such an attack, it is known as a distributed denial of service attack, or DDoS. Because Trojan horses do not make duplicates of themselves on the victims disk (or copy themselves to other disks), they are not technically viruses. But because they can do harm, many experts consider them to be a type of virus. Trojan horses are often used as by hackers to create a back door to an infected system. Trojans, such as BackOrrifice are very dangerous. If anyone runs this program and his computer is connected to the internet, then the hacker can take control of that computer transfer files to or from the computer, capture screen contents, run any program or kill any running process, etc. Once a Trojan is installed onto the system this program has the same privileges as the user of the computer and can exploit the system to do something the user did not intend such as: Delete files Transmit to the intruder any files that the user can read Change any files that the user can modify Install other programs with the users privileges Execute privilege-elevation attacksthe Trojan can attempt to exploit a weakness to raise the level of access beyond the user running the Trojan. If successful, the Trojan can operate with increased privileges. Install viruses Install other Trojans The Following Tips Will Help The User To Minimize Virus Risk: If the users are truly worried about traditional (as opposed to e-mail) viruses, they should be running a more secure operating system like UNIX. One should never hear about viruses on these operating

systems because the security features keep viruses (and unwanted human visitors) away from the hard disk.Z If the users are using an unsecured operating system, then buying virus protection software is a nice safeguard. Some popular anti virus programs include:Z McAfee Virus Scan Norton Anti Virus Virex PCcillin Avast! AVG Anti Virus System Automatic protection of anti-virus software should be turned on at all times.Z The users should perform a manual scan (or schedule a scan to occur automatically) of their hard disks weekly. These scans supplement automatic protection and confirm that the computer is virusfree.Z Scan all floppy disks before first use.Z Disable floppy disk booting -- most computers now allow the user to do this, and that will eliminate the risk of a boot sector virus coming in from a floppy disk accidentally left in the drive.Z The users should Enable Automatic Update option of their anti-virus software in order to update their virus definition files.Z Creation and maintenance of a rescue disk should be done by the user in order to facilitate recovery from certain boot viruses.Z Periodic backups of the hard disk should be done.Z Users should buy legal copies of all software they use and make write-protected backups.Z Email messages and email attachments from unknown people should not be opened. Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF and .JPG), etc., are data files and they can do no damage (noting the macro virus problem in Word and Excel documents mentioned above). A file with an extension like EXE, COM or VBS is an executable, and an executable can do any sort of damage it wants. Further it should be verified that the "author" of the email has sent the attachments. Newer viruses can send email messages that appear to be from a person user know.Z The potential users should make sure that Macro Virus Protection is enabled in all Microsoft applications, and they should never run macros in a document unless they know specifically the functionality of the macros.Z Appropriate Passwords should be assigned to the shared network drives.Z Things that are not viruses! Joke programs Joke programs are not viruses and do not inflict any damage. Their purpose is to frighten their victims into thinking that a virus has infected and damaged their system. For example, a joke program may display a message warning the user not to touch any keys or else the computers hard disk will be formatted. Droppers A dropper is a program that is not a virus, nor is it infected with a virus but when run it installs a virus into memory on to the disk, or onto a file. Droppers have been written sometimes as a convenient carrier for a virus and sometimes as an act of sabotage. Hoaxes There must be very few people on email who haven't received a chain letter with the subject line warning of a virus doing the rounds. These are often hoaxes and meant to scare people and have fun at their expense. The warnings encourage the recipient of the e-mail to pass the warning to the

netizens and thus create an unnecessary furor, besides clogging mailboxes, as it usurps an air of credibility. Methodology of virus detection applied by antivirus softwares: Three main methods exist for detecting viruses: integrity checking (also known as checksumming), behavior monitoring and pattern matching (scanning). Integrity checking Antivirus programs that use integrity checking start by building an initial record of the status (size, time, date, etc.) of every application file on the hard drive. Using this data, checksumming programs then monitor the files to see if changes have been made. If the status changes, the integrity checker warns the user of a possible virus. However, this method has several disadvantages, the biggest being that false alarms are altogether too common. The records used by checksumming programs are often rendered obsolete by legitimate programs, which, in their normal course of operations, make changes to files that appear to the Integrity checker to be viral activity. Another weakness of integrity checking is that it can only alert the user after a virus has infected the system. Behavior monitoring Behavior Monitoring programs are usually terminate and stay resident (TSR) and constantly monitor requests that are passed to the interrupt table. These programs are on the lookout for activities that a virus might engage in--requests to write to a boot sector, opening an executable program for writing, or placing itself resident in memory. The behavior these programs monitor is derived from a userconfigurable set of rules. Pattern matching Using a process called "pattern matching," the anti-virus software draws upon an extensive database of virus patterns to identify known virus signatures, or telltale snippets of virus code. Key areas of each scanned file are compared against the list of thousands of virus signatures that the anti-virus software has on record. Whenever a match occurs, the anti-virus software takes the action the user has configured: Clean, Delete, Quarantine, Pass (Deny Access for Real-time Scan), or Rename. Self Defense Mechanisms Evolved By Viruses Virus authors of course wish that their child successfully lives. For this reason there are many viruses outfitted with some self-defense mechanisms against anti virus systems. Passive Defense : Viruses use a variety of methods to hide themselves from antivirus programs. Passive defense uses programming methods which make analysis of the virus more difficult, e.g. polymorphic viruses which were developed to counter scanners looking for constant strings of virus code. Today antivirus systems are capable of analyzing polymorphic code and searching for virus identifiers in the decrypted body. The virus authors reacted by making the encryption too complex for antivirus software to unravel, thus mistaking it for a clean program. Active Self-defense : Viruses actively defend themselves by protecting their own code or by attempting to damage antivirus software. A simple method is to locate antivirus software databases and amend or delete them. More sophisticated resident viruses use stealth techniques. When they detect a request to use an

infected file, they can temporarily "clean" it or report its original (uninfected) parameters. They can monitor which programs are being executed and react if it is antivirus software. The list of such reactions is endless. Usually, the execution of the antivirus program is refused, but it could be erased (often accompanied by a bogus error message) or the virus suspends its activities while it runs. There are occasionally extremely 'clever' viruses which modify the code of a specific AV program to partially disable it. There are very rare viruses which consider an attempt to run an anti-virus program as arrogant and immediately reply with some revenge action - for example hard disk formatting. Trap A trap is the most malicious form of self-defense and works as follows. Although the users computer is infected but everything appears to work correctly. Once the user discovers the virus and removes it things get complicated - programs no longer run properly or the hard disk may become inaccessible even when booting from a clean system diskette. The best known trap virus is One_Half. It continuously encrypts the data on a hard disk (two tracks on every boot). If it is removed from the partition sector before data files are decoded then some files will become inaccessible. At this stage the situation is serious but recovery of the data is still possible. However, if the user runs a disk utility (Scandisk etc.) to repair the damage then the data will almost certainly be lost forever. These utilities are designed to repair relatively minor damage to file system and do not recognize the encrypted data.

A REPORTER'S TOOLKIT: HEALTH INFORMATION TECHNOLOGY

Key Facts
y
Health information technology (IT) encompasses a broad array of technologies involved

in managing and sharing patient information electronically, rather than through paper records. y y Health IT has the potential to improve patient safety, health care quality, efficiency and data collection and may help restrain rising costs. Adoption of health IT has generally been slow in the U.S. For example, while one in four doctors reports using electronic health records (EHRs), fewer than one in ten is using a "fully operational" system. 1
Computerized physician order entry (CPOE) - a component of fully functional EHR

systems that may help reduce preventable medication errors by half or more. 2Few hospitals have fully implemented CPOE systems. 3 y An important challenge for health IT is its cost: who should pay? Providers are expected to bear most of the cost of implementation, while much of the savings accrue to others - insurers, patients and governments. Another challenge is protecting patient privacy. Once confidential patient information has been stored electronically, only those with a legitimate need to know should have access to it.

Background

Many in the U.S. have high hopes for health information technology, or health IT. Hospitals hope to reduce medical errors, such as ordering and administering the wrong dose of a medication. Providers hope to access and share patient information more easily, thereby improving care. Governments and businesses hope to save money by improving efficiency. According to RAND Corporation researchers, full implementation of health IT systems could produce efficiency savings as great as $77 billion per year after a 15-year adoption period. 4 But for a variety of reasons, health care providers have not fully embraced these technologies. Some experts note that high implementation costs deter providers, especially those in small group practices, from adopting new technologies. 5 Other studies suggest that implementing health IT systems might even hinder patient care, at least initially. 6 In either case, the question remains: how should policymakers help facilitate the adoption of health IT? Health IT encompasses a broad array of new technologies designed to manage and share health-related information. The most basic type of health information technology is a system that electronically collects, stores and organizes health information about patients. When properly implemented, such a system can help coordinate patient care, reduce medical errors and improve administrative efficiency. 7 Some call the information collected an electronic health record (EHR); others call it anelectronic medical record (EMR). Though some health informatics experts make a distinction between EHRs and EMRs, 8 these terms are often used interchangeably in the media. Efforts are underway to develop consensus definitions for these terms and others. 9 For convenience, we will use the term "electronic health record," or "EHR" to refer broadly to systems that collect and store patients' medical information in digital form. An EHR differs from a personal health record (PHR), which is a health record that is "owned" and maintained by an individual patient, rather than by payers or providers. Electronic record systems come in a variety of shapes and sizes. Some collect and share patient information only within a certain institution or within a certain provider group, while others are integrated into larger information networks. The capabilities of EHR systems and the extent to which they are integrated into provider practices also vary. "Fully functional" EHR systems collect and store patient data, supply patient data to providers on request, permit physicians to enter patient care orders, and assist providers in making evidencebased clinical decisions. 10 Another technology is known as computerized physician order entry (CPOE), an important part of a fully functional EHR system. This allows physicians to order prescription drugs and laboratory tests digitally, thereby eliminating errors associated with illegible hand-written prescriptions. CPOE systems check for the accuracy of prescription orders, flagging any orders that appear extreme. One study concluded that CPOE systems for prescriptions could reduce preventable medication errors by as much as 55 percent because they ensure, at a minimum, that orders are complete and legible. 11 Despite this potential, adoption of health information technology has been slow. Much clinical information in the U.S. remains on paper rather than on computers. Recent studies have shown that only about 10 percent of hospitals and providers have fully implemented EHR systems 12 and even fewer have adopted CPOE systems. 13 At the national level, the Office of the National Coordinator of Health Information Technology (ONC) was established to promote health IT and to meet the President Bush's goal of

making an electronic medical record available for most Americans by 2014. However, funding for this federal body lags well behind spending for counterpart agencies in other countries. 14 Furthermore, at the time of publication, lawmakers in the Senate were considering legislation that would mandate physicians under Medicare to use e-prescribing systems such as CPOE. 15 In order for health IT to deliver on its promise, several obstacles must be overcome. First, health IT systems must be able to speak the same language; in computer terms, they must be "interoperable." These systems must also be linked in some way. One model of such "connectivity" is a national network structured around regional networks, or health information exchanges (HIEs). 16 HIEs allow for the digital exchange of clinical information across organizations within a region or community. Organizations that run an HIE are known as regional health information organizations (RHIOs). Beyond technical considerations, there is the issue of cost. Health IT systems often carry hefty price tags. A recent study found that initial EHR costs average nearly $44,000 per fulltime provider, plus an additional $8,500 in annual operating costs, for small group practices. 17 Policymakers must decide who should pay for this. Currently, providers are expected to bear most of the initial costs, while most of the savings accrue to others. For example, hospitals often spend tens of millions of dollars on CPOE systems, providing benefits for other stakeholders-insurers, purchasers and patients. One major study found that it would cost more than $150 billion over five years to develop a nationally interoperable system, including equipping physicians with standardized IT systems. 18 Another issue is whether patient privacy might be jeopardized by health IT systems. Medical records often include personal information such as names, addresses and social security numbers, as well as confidential clinical data. In order for health IT to take hold at the national level, patients must feel assured that their information can be accessed only by those with a legitimate need to know. 19 Though the jury is still out as to whether health IT will deliver widespread improvements in efficiency, cost savings and quality of care, there are several working examples of interoperable health information technologies. The Department of Veterans Affairs greatly improved the quality of care at its facilities with a new health IT system. 20 When Hurricane Katrina struck the Gulf Coast, VA electronic health records were easily salvaged whereas untold numbers of paper records were destroyed. 21Furthermore, immunization information systems have proven to be cost-effective ways of aggregating and managing public health data. 22 These efforts are reminders of the potential that health IT may hold for reforming the entire health care system.

Selected Resources
Please email info@allhealth.org if you find that any of the links mentioned in this toolkit no longer work.

Overview: Health IT
y "Information Technology Comes to Medicine" David Blumenthal and John Glaser, New England Journal of Medicine Vol. 356: 24, June 2007

www.allhealth.org/publications/Health_information_technology/ Information_Technology_Comes_to_Medicine_71.pdf

This article explains the basics of health information technology, including a description of electronic health records, personal health records, and clinical data exchanges. The authors discuss the changing role of information technology in health care, the barriers to its adoption, and the benefits and risks of health IT. (7 pages) y "Navigating American Health Care: How Information Technology Can Foster Health Care Improvement" Karen Davenport, Center for American Progress, May 2007
www.americanprogress.org/issues/2007/05/pdf/health_it.pdf

In this report, Karen Davenport of the Center for American Progress reviews the promise of health IT and the barriers to its implementation. She then addresses strategies for improving health IT adoption, including a discussion of national interoperability standards and enhanced privacy protection. (24 pages) y "Systematic Review: Impact of Health Information Technology on Quality, Efficiency, and Costs of Medical Care" Basit Chaudhry and others, Annals of Internal Medicine, Vol. 144: 10, May 2006
www.annals.org/cgi/reprint/144/10/742.pdf

In this article, the authors present a review of recent literature assessing the effects of health IT on quality, efficiency, and cost of care. The Appendix summarizes scores of important studies on the impact of health IT, broken into relevant categories. (29 pages) y "Essential but Not Sufficient: Information Technology in Long-Term Care as an Enabler of Consumer Independence and Quality Improvement" Ross Martin and others, BearingPoint, September 2007
http://ncqltc.org/pdf/BearingPoint_Report_for_NCQLTC.pdf

This report examines the role of health information technology in long-term care and makes recommendations on how long-term care can be transformed through the application of health IT. The authors caution that health IT adoption is not an end in itself, but has tremendous potential to enable consumer independence and quality improvement in long-term care. (60 pages)

Electronic Medical Records/Electronic Health Records (EMRs/EHRs)

y "Performance Improvement Special Report" Mark Hagland, Healthcare Informatics, May 2007 www.healthcare-informatics.com (Click the "Back Issues" button, then click on the May 2007 issue.) This three-part cover story addresses many of the current issues at stake with the implementation of electronic health records. Generally, those quoted stress that EHRs have led to significant reductions in medical errors and improvements in quality. Still, some caution that these systems are exceedingly complex and administrators must be careful when integrating them into clinical practices. This issue also includes other articles on the "EMR Revolution."

"EMRs don't guarantee quality care, a review of 50,000 patient records shows" Kevin B. O'Reilly, American Medical News, August 2007 Free abstract at: http://archinte.ama-assn.org/cgi/content/short/167/13/1400 According to the study referenced in this article, physician offices using EHRs don't deliver better quality ambulatory care than those using paper records, on most quality measures examined. Researchers examined more than 50,000 patient records from more than 2,500 physician offices to draw conclusions. The study, published in the Archives of Internal Medicine on July 9, sheds light on how little is known about the quality implications of electronic systems, as they are used in everyday settings.

"Continued Progress: Hospital Use of Information Technology" American Hospital Association, February 2007 News release: www.aha.org/aha/press-release/2007/070227-pr-hitreport.html This study, sponsored by the American Hospital Association, documents the extent to which hospitals are adopting health IT. Despite the sizeable financial and implementation challenges of health IT adoption, hospitals continued to accelerate their use of health IT in 2006, this study finds, with 68 percent reporting fully or partially implemented EHR systems. Full 24-page study available at www.aha.org/aha/content/2007/pdf/070227-continuedprogress.pdf

"Paving the Way for the Second Wave of EHR Adoption" Tom Leonard, Health Management Technology, February 2007
www.healthmgttech.com/features/2007_february/0207paving_way.aspx

In this article, Tom Leonard discusses gaps in EHR adoption. While as many as 40 percent of large practices (with more than 25 physicians) have fully implemented EHR systems, smaller practices often rely on paper records due to the substantial upfront cost of implementation. Leonard argues that the next wave of EHR adoption should be hospital-based rather than physician-based in order to distribute the costs of implementation more fairly. y "Health Information Technology in the United States: The Information Base for Progress" Robert Wood Johnson Foundation, October 2006 News Release: www.rwjf.org/newsroom/newsreleasesdetail.jsp?id=10439 One in four doctors use electronic health records, according to the study described in this news release. However, fewer than one in ten are using a "fully operational" system that collects patient information, displays test results, allows providers to enter medical orders and prescriptions, and helps doctors make treatment decisions. Adoption rates remain very low due to multiple financial, technical and legal barriers. For the full 86-page report, go to:www.rwjf.org/files/publications/other/EHRReport0609.pdf. y "KP HealthConnect: The Latest on Kaiser Permanente's Electronic Health Record Project" Kaiser Permanente
www.kphealthconnectq4update.org/index.html

This site describes in detail Kaiser Permanente's multi-billion-dollar effort to develop electronic health records for all of the plan's members and to "connect 8.6 million people securely to their health care teams." Kaiser Foundation Health Plan Chairman and CEO George Halvorson notes that the system is especially helpful for emergency room patients. Problems with the system are being "aggressively" addressed, the site notes (see resource below). y "Kaiser Permanente's Electronic Health Records Project Has Technical Problems" Los Angeles Times, February 21, 2007 Summarized at www.medicalnewstoday.com/articles/63273.php The Los Angeles Times reports that Kaiser Permanente's EHR project (see reference above) has experienced "repeated technical problems," such as being less than fully operational at certain Kaiser facilities. The glitches caused staff to revert to paper records for a time, increasing the risk of error, according to the paper. y "How Common are Electronic Health Records in the United States? A Summary of the Evidence" Ashish Jha and others, Health Affairs, Vol. 25: 6, 2006 Free abstract available at: content.healthaffairs.org/cgi/reprint/25/6/w496 This web-exclusive article from Health Affairs identifies recent surveys on EHR adoption, assesses their quality, and synthesizes key findings to provide a national estimate of EHR adoption. The authors conclude that through 2005, 23.9 percent of physicians used EHRs in the ambulatory setting, while 5 percent of hospitals used computerized physician order entry. y "Can Electronic Medical Record Systems Transform Health Care? Potential Health Benefits, Savings, and Costs" Richard Hillestad and others, Health Affairs, Vol. 24: 5, 2005 Free abstract available at: content.healthaffairs.org/cgi/content/full/24/5/1103 This article assesses the health and financial benefits of implementing electronic medical record systems. The authors conclude that in addition to helping to coordinate care, ensure quality and reduce medical errors, electronic medical records have the potential to lower costs drastically.

Computerized Physician Order Entry (CPOE)

y "Computer Physician Order Entry: Fact Sheet" The Leapfrog Group, 2007
www.leapfroggroup.org/media/file/ Leapfrog-Computer_Physician_Order_Entry_Fact_Sheet.pdf

This fact sheet, put together by The Leapfrog Group, outlines key findings from several recent studies on computerized physician order entry, including one study that showed that implementation of CPOE systems at all non-rural U.S. hospitals could prevent between 570,000 and 907,000 serious medication errors each year. The authors also discuss barriers to implementation.

"Evaluation of Outpatient Computerized Physician Medication Order Entry Systems: A Systematic Review" Saeid Eslami and others, Journal of the American Medical Informatics Association, Vol. 14:4, April 2007. Free abstract available at: www.jamia.org/cgi/content/abstract/14/4/400 This paper provides a systematic literature review of CPOE evaluation studies and finds only one study showing significant reduction in medication errors due to CPOE adoption. The authors conclude that further research is needed to determine the full impact of CPOE systems.

"U.S. Adoption of Computerized Physician Order Entry Systems" David Cutler and others, Health Affairs, Vol. 24: 6, 2005 Free abstract available at:content.healthaffairs.org/cgi/content/abstract/24/6/1654 Though CPOE systems have the potential to reduce medical errors, implementation rates remain low. This article empirically examines possible explanations for low adoption rates in hospitals, focusing on hospital ownership, teaching status, profitability and the reimbursement system.

"Role of Computerized Physician Order Entry Systems in Facilitating Medication Errors" Ross Koppel and others, Journal of the American Medical Association, Vol. 293: 10, March 2005
jama.ama-assn.org/cgi/reprint/293/10/1197

While several studies have pointed to the expected safety benefits of CPOE systems, few have assessed whether such systems might themselves exacerbate medication errors. This study addresses this issue and finds 22 types of medication error risks associated with the implementation of CPOE systems. (7 pages) y "Unexpected Increased Mortality after Implementation of a Commercially Sold Computerized Physician Order Entry System" Yong Han and others, Pediatrics, Vol. 116: 6, December 2005
www.pediatrics.aappublications.org/cgi/reprint/116/6/1506

In this article, the authors argue that the implementation of a CPOE system resulted in increased pediatric mortality rates. Though careful to consider the limitations of their study, the authors point out that CPOE implementation is highly complex and consequently requires careful monitoring. (9 pages) y "Computerized Provider Order Entry Implementation: No Association with Increased Mortality Rates in an Intensive Care Unit" Mark Del Beccaro and others, Pediatrics, Vol. 118: 1, July 2006
www.pediatrics.aappublications.org/cgi/reprint/118/1/290

This study was conducted in response to the disturbing findings of the 2005 Han et al. study (listed above) and was similarly designed. Both children's hospitals implemented the same commercially available CPOE product and tested its efficacy in a pediatric intensive care setting. The authors found no association between implementing a new CPOE system and patient mortality. (8 pages)

Personal Health Records (PHRs)

y "Perspectives on the Future of Personal Health Records" Michael Barrett and others, iHealthReports, June 2007
www.chcf.org/documents/chronicdisease/PHRPerspectives.pdf

Personal health records (PHRs) enable patients to store private health information securely and to share this information with multiple health care providers at the patient's discretion. Though PHRs enable patients to be more involved in their own care, questions remain about whether they might disrupt the patient-provider relationship. Furthermore, PHRs raise serious privacy concerns. This article serves as a solid background report on PHRs. (29 pages) y "Microsoft Rolls Out Personal Health Records" Steve Lohr, The New York Times, October 4, 2007
www.nytimes.com/2007/10/04/technology/04nd-soft.html? ex=1349236800&en=a2e0ff5e7e643bc6&ei=5088&partner=rssnyt&emc=rss

On October 4, 2007, Microsoft launched the nation's first major personal health record platform: Microsoft Health Vault. The platform allows users to conduct secure health-related searches and to build their own personal health records online. Microsoft Health Vault is available to all users free of charge atwww.healthvault.com. y "How to Create Your Own Personal Health Record" Matthew Shulman, U.S.News and World Report, September 11, 2007
health.usnews.com/articles/health/2007/09/11/ how-to-create-your-own-personal-health-record.html

This article alerts consumers to the benefits of creating a personal health record. The author mentions several platforms currently available for setting up PHRs and also discusses how such technologies will improve patient-provider communication. However, patients should note privacy policies, the article warns. y "Connecting Americans to Their Health Care: A Common Framework for Networked Personal Health Information" Josh Lemieux and others, Markle Foundation, December 7, 2006 Study Summary: www.markle.org/downloadable_assets/research_doc_120706.pdf News Release: www.markle.org/downloadable_assets/news_release_120706.pdf At its national conference, Connecting Americans to Their Health Care: Empowered Consumers, Personal Health Records and Emerging Technologies, the Markle Foundation and its collaborators released a study showing that the American public overwhelmingly wants access to personal health information electronically and believes such information could improve health care efficiency. Furthermore, the Markle Foundation also released a comprehensive report describing what an integrated network where consumers have access to their personal health information might look like. For the full 41-page report, which includes policy implications, go to:http://www.connectingforhealth.org/commonframework/docs/P9_NetworkedPHRs.pdf

Health Information Exchange

"Privacy, Security, and the Regional Health Information Organization" Sheera Rosenfeld and others, California HealthCare Foundation, June 2007
www.chcf.org/documents/chronicdisease/RHIOPrivacySecurity.pdf

Regional health information organizations (RHIOs), which promote electronic exchange of patient information among participants, are grappling with a variety of privacy and security issues as they evolve. This study, based on a literature review, interviews, and an informal survey, examines some of the key issues that nine RHIOs encountered and their strategies for managing them. (33 pages) y "Regional Health Information Organizations: A Vehicle for Transforming Health Care Delivery?" Michael Solomon, Journal of Medical Systems, 2007
www.springerlink.com/content/18075347129222tr/fulltext.pdf

This paper assesses the impact of three emerging RHIOs: Indiana Health Information Exchange, Inc., The Massachusetts Health Data Consortium, Inc., and Santa Barbara County Care Data Exchange. The author claims that RHIOs have great potential to transform the American health care system, although cautions that they are in their infancy. (13 pages) y "The Santa Barbara County Care Data Exchange: Lessons Learned" Robert Miller and Bradley Miller, California HealthCare Foundation, August 2007
www.chcf.org/documents/chronicdisease/SantaBarbaraLessonsLearned.pdf

This article provides a comprehensive, independent evaluation of the Santa Barbara County Care Data Exchange, one of the nation's first RHIOs, which ceased operations on December 31, 2006. Despite its closure, the project helped to focus national attention on the value of health information exchange, which led to the federal government's adoption of a plan to establish RHIOs throughout the United States. The report provides a detailed history of Santa Barbara's data exchange; examines the organizational, technical, and legal factors leading to its closure; and considers the policy implications for nascent RHIOs elsewhere. (26 pages) y "Media Release: Rhode Island Moves Forward with Development of Statewide Health Information Exchange System" Rhode Island Department of Health, July 2007
www.intersystems.com/press/2007/ri_hie.html

This press release describes the development of Rhode Island's health information exchange, a system that would allow providers to access patient information (with permission) from a variety of sources when and where needed.

Health IT and Costs

y "Health Care Spending and Use of Information Technology in OECD Countries" Gerard Anderson and others, Health Affairs, May 10, 2006
www.commonwealthfund.org/publications/publications_show.htm?doc_id=372221

In this analysis supported by The Commonwealth Fund, the authors present U.S. spending on health information technology in an international context. They also

discuss the key issues in health IT implementation: creating incentives, ensuring interoperability and protecting patient privacy. y "Return on Investment for a Computerized Physician Order Entry System" Rainu Kaushal and others, Journal of the American Medical Informatics Association, Vol. 13, 2006 Free abstract available at: www.jamia.org/cgi/content/abstract/13/3/261 This study assesses the implementation costs and financial benefits of the CPOE system at Brigham and Women's Hospital over 10 years. It finds substantial savings associated with the CPOE system. y "Health Information Technology: Can HIT Lower Costs and Improve Quality?" RAND Corporation, 2005
www.rand.org/pubs/research_briefs/2005/RAND_RB9136.pdf

This research brief summarizes the key findings of several major studies sponsored by the RAND Corporation assessing potential cost savings associated with health IT. The brief highlights projected saving of at least $77 billion annually. Links to the full reports are listed in the bibliography.

Health IT and Patient Privacy

y "Health Information Technology: Early Efforts Initiated but Comprehensive Privacy Approach Needed for National Strategy" Government Accountability Office, January 2007
www.gao.gov/new.items/d07 238.pdf

This report addresses privacy concerns inherent in the implementation of new health IT systems. It discusses steps taken at the national level to address the issue of privacy and identifies challenges associated with protecting electronic personal health information. (57 pages) y "Warnings Over Privacy Of U.S. Health Network" Robert Pear, New York Times, February 18, 2007
www.nytimes.com/2007/02/18/washington/18health.html?_r=1&ex=1176004800&en=47636 a4ca1a9b3d1&ei=5070&oref=slogin

This article reports on a January 2007 report from the Government Accountability Office (listed above). According to the report, "the Bush administration has no clear strategy to protect the privacy of patients as it promotes the use of electronic medical records throughout the nation's health care system." y "Private Health Records: Privacy Implications of the Federal Government's Health Information Technology Initiative" Carol Diamond, Markle Foundation, February 1, 2007
www.markle.org/downloadable_assets/caroldiamond_february12007final.pdf

Carol Diamond, managing director of the Markle Foundation, testifies before a Senate committee on Markle's strategy for expanding health IT and maintaining patient privacy. In her testimony, Diamond reminds the committee that while the

American public is largely in support of EHR use, there remain significant privacy concerns. She then explains how Markle's "Common Framework" for secure, authorized, and private health information sharing addresses these concerns. (26 pages) y "eHVRP Study Finds Healthcare Industry Must Do More to Protect Electronic Health Record Systems" eHealth Vulnerability Reporting Program, September 2007 News Release: www.prwebdirect.com/releases/2007/9/prweb554028.php The board of the eHealth Vulnerability Reporting Program has made public the results of a 15-month study assessing the security risks associated with electronic health record (EHR) systems. Overall, the study concludes that commercial EHR systems have significant security vulnerabilities. The study evaluated current industry information security practices, assessed level of risk related to EHR systems, benchmarked health care information security practices against other industries, and produced a set of recommendations relating to activities beneficial to protecting information systems in the healthcare industry. The full report is available at: www.ehvrp.org/report.html (39 pages)

The Future of Health IT

y "At the Helm" Healthcare Informatics, September 2007
www.healthcare-informatics.com

In this cover article, Robert Kolodner, M.D., head of the Office of the National Coordinator for Health Information Technology (ONC), talks about his plans for the future. In particular, he discusses the American Health Information Community's (AHIC) potential move into the private sector. y "Congress Moves on Health IT: One Step Forward, A Few Steps Back" Bruce M. Fried, iHealthBeat, July 2007
www.ihealthbeat.org/articles/2007/7/18/Congress-Moves-on-Health-IT-One-Step-Forward-AFew-Steps-Back.aspx?ps=1&authorid=1570#

This article discusses current health IT bills in the House and the Senate. The author says that the legislation is encouraging but emphasizes the pressing need for funding of health IT at the national level. y "Health IT bill advances in Senate; grants have bipartisan support" Dave Hansen, American Medical News, July 2007
www.ama-assn.org/amednews/2007/07/16/gvsa0716.htm

This article discusses the Wired for Health Care Quality Act, which would authorize $278 million to help subsidize the cost of health IT for physicians and hospitals. Furthermore, the article discusses the privacy provisions of the bill, which extend HIPAA privacy rules to the digital realm and mandate that patients be notified when their privacy is jeopardized.

"Lawmakers focus on federal role in promoting health IT systems" Dave Hansen, American Medical News, July 2007
www.ama-assn.org/amednews/2007/07/02/gvsc0702.htm

This article discusses recent legislative developments in health IT, specifically Sen. Sheldon Whitehouse's National Health Information Technology and Privacy Advancement Act of 2007 and Reps. Dennis Moore and Paul Ryan's Independent Health Record Trust Act. y "Health Information Technology Initiative: Major Accomplishments, 20042006" U.S. Department of Health and Human Services, 2006
www.hhs.gov/healthit/news/Accomplishments2006.pdf

This report summarizes the major accomplishments of the Health Information Technology Initiative, implemented by the U.S. Department of Health and Human Services. It describes the role the federal government has played in implementing and encouraging health IT, including the formation of the Office of the National Coordinator for Health IT (ONC) and the American Health Information Community (AHIC). y "Health Information Technology: What is the Federal Government's Role?" David Blumenthal, The Commonwealth Fund, March 2006
www.commonwealthfund.org/usr_doc/Blumenthal_HIT_907.pdf?section=4039

In this report, David Blumenthal, director of the Mass. General/Partners Institute for Health Policy, discusses what role the federal government should play in helping to implement health IT. He concludes with a discussion of recent federal legislation, suggesting that the government could intervene more aggressively to help correct market failures in health care. y "U.S. Presidential Candidates' Health Plans: Incorporating Information Technology to Provide 21st Century Care" Susan Blumenthal, Center for the Study of the Presidency, July 2007
www.thepresidency.org/Agenda2008/Agenda2008healthIT.html

This commentary by Susan Blumenthal, MD, MPA, examines the 2008 presidential candidates' health plans with respect to health IT as of July 2007. Included are sideby-side comparisons of the candidates' proposals and speculation about the future role of health IT in the American health care system.