Data Sharing Review

Michael Simpson ukcrypto at chiark.greenend.org.uk
Thu, 17 Jul 2008 10:29:16 +0100


On 7/17/08, Ian Batten <igb@batten.eu.org> wrote:
> >
> > Once patients got used to putting their finger into a reader (for
> > instance) prior to consultations with GPs, pharmacists, nursing staff,
> > SHOs (or whatever they are called these days) in hospital then it
> > would become routine very quickly.
> >
>
> Yes, because clearly getting people used to using a biometric identifier
> every time they contact the state is a desirable outcome.  I presume you
> support using fingerprints for school meals, on similar (``it would become
> routine very quickly'') grounds?
>

no.
But using fingerprints/iris scans to safeguard their data is a
*slightly* different matter.
In some spheres of addictions it is being used to increase patient safety
<www.methameasure.co.uk>
This is in use across many pharmacies in Glasgow and has stopped
people from getting the wrong dose of what can be a pretty lethal
drug.
Not everything is a slippery slope to 1984.

> >
> >
> > It would also give them reassurance that they had control over their
> > information which is something that nobody has any assurance of at
> > present.
> >
>
> How?  Just because I need to use my fingerprint to access a system tells me
> nothing about who else has access to it.  It just provides a false sense of
> security.  It's like those fingerprint reader laptops: all I need to do is
> open the drive bay with the handy plastic lugs, remove the hard drive with
> the handy pull-off connector (SATA, now, so fewer pins to bend) and I've got
> all the data.
>

really.
good luck trying to decrypt the data on my laptop's harddrive without
access to a working quantum computer (probably)
fingerprint hash is passphrase for large key hence without it (except
for specific emergent situation) no data
GP as data controller (they act as gatekeepers for all other bits of
NHS after all)

> >
> >
> > PKI with some sort of key escrow accessible by specific medics (senior
> > A&E docs) would enable this to happen
> >
>
> Except the senior A&E docs would delegate their authority to junior staff,
> who would delegate it to the receptionists.

How, by giving them their finger or eye. I believe that there are
fingerprint devices with pulse oximeters built in to stop this.
Make it a clinical governance issue and tell them that each time they
do delegate it they will lose a discretionary point.
>
> ian
>

The mistakes that are being made right now due to still being on paper
records and a total lack of joined up thinking between primary and
secondary care need to be stopped by designing systems to take over
the whole process. My point is that the patients need to be in control
of where their data is used or I for one will absolutely refuse to
have any of my personal data placed anywhere near the system.

<preaching to the choir>

Cryptography is the ideal solution where there are trust issues, we
are in a unique position of being able to design systems that are
secure and trustworthy from the outset, learning from previous
failures. We should grasp the nettle with both hands.

</preaching to the choir>

regards
mike