A new survey tells us the value of your company's secrets. In other news, iPads are slowly coming to healthcare IT.

The Value of Corporate Secrets

A survey of 305 IT leaders from around the world, conducted by Forrester Consulting on behalf of Microsoft and RSA, the Security Division of EMC, revealed that most IT departments are not investing enough in protecting their organizations' most valuable secrets.

The report entitled The Value of Corporate Secrets: How Compliance and Collaboration Affect Enterprise Perceptions of Risk showed that 90% of these leaders believe that with PCI-DSS, data privacy laws, data breach regulations and existing data security policies is the primary driver of their data security programs, spending on average about 39% of their budgets on compliance-related data security programs.

The study recommends that companies identify which information is the most valuable and then create a "risk register" that separates the risks into two categories: compliance risks and misuse of secrets. By examining their current data security strategies, companies can ensure that they are balanced and appropriate for the portfolios they are protecting.

iPad and Healthcare IT

Among all the recent coverage of the iPad, very little has addressed IT compliance issues in healthcare. Until now. According to Znet Healthcare’s Dana Blankenhorn the iPad will come to healthcare IT slowly.

With so many iPhone health apps already available, it’s only a matter of time before the iPad “transforms medical practice and delivers a solid, easy-to-follow upgrade path directly from paper.” In a similar piece in January, Blankenhorn explains that the iPad meets that sweet spot between price and functionality:

The low-end version of the iPad goes fur under $500, about where the iPhone started, and comes with WiFi, which most hospitals and clinics have. The iPhone comes down to $200 with a phone carrier subsidy, and the iPad can be similarly subsidized by an Electronic Medical Record (EMR) company so it’s practically free.

GRC is at a crossroads between security, transparency and access. How they are able to intersect, interact and perform alongside each other will be telling.