Howard Schmidt, Obama administration's cyber security czar, prepared a fantastic presentation about the four guiding principles of his cyber security plan:

• Deterrence is a primary factor in preventing cyber security threats. Applying strong protectionlike two factor authentication, one time passwords, smart cards, and implementing standard data protection systems were mentioned.
  

• Resilience is the ability to recover from an attack. Designing systems that are able to recover from an attack is paramount to national security, and especially protected health information (PHI). It was noted (in a different part) of the NIST Conference that doctors relying on Health information systems (HIT) need to ensure that a disaster recovery and backup plan is in place and is tested regularly. A doctor’s office or a hospital would be nearly impossible to operate if access to PHI is not available after moving entirely to electronic medical records.

• Privacy is important to the White House. It’s clear that legislation and the regulations that follow have privacy in mind. An good example is the Breach Notification law written into section 13402 in the HITECH ACt, part of the American Recovery and Reinvestment Act of 2009 (ARRA). The HITECH Act specifically provides safe harbors in case of a breach of encrypted PHI. The government is clearly incentivizing the use of data encryption to protect privacy.

• Partnerships with private industry were mentioned as well, although not in too much detail. Perhaps the White House wants to make sure that whatever steps they put in place have transparency to the public and the private industry.