Data Sharing Review
Michael Simpson
ukcrypto at chiark.greenend.org.uk
Thu, 17 Jul 2008 16:00:23 +0100
On Thu, Jul 17, 2008 at 3:42 PM, Ian Batten <igb@batten.eu.org> wrote:
>>
>> in the same way that bank robbers can do the same.
>
> And banks have procedures which attempt to mitigate that risk, both to staff
> and the bank. Sometimes they fail, but banks take staff safety, especially
> key holder safety, very seriously.
>
>> rare cases of
>> extreme circumstances should not lead to systems not being attempted
>
> Perhaps not, but the rare circumstances should be considered and risk
> analysed. You may decide to carry the residual risk, but merely shrugging
> your shoulders as if to say ``Rare? Hard? Ignore'' isn't enough.
>
> It's your optimism, again.
>
> My risk analysis runs as follows.
>
> I don't have any allergies that I know of, and having reached my mid-forties
> without having a GA I have no idea if I would have a reaction to that. I'm
> taking no medication, and have never taken anything more than obsolescent
> antibiotics for recurrent bronchitis thirty years ago and NSAIs of various
> sorts for the odd ache and pain. I have no family history of anything well
> defined. I had a vasectomy under local anaesthesia four or five years ago,
> and eighteen months ago I had 50mg of IV ketamine and a night in hospital
> while a full colonel reduced my dislocated ankle. That's my sole
> sharp-end experience of any part of the NHS other than the GP practice I've
> been registered with all my life (the senior partner's brother-in-law
> delivered me).
>
> So, my medical records can do nothing to help me. If I'm taken into a
> hospital unconscious, there's nothing in there to affect treatment. A GA
> will have to assume I might react, because it's an unknown. They're going
> to have to check my blood type, because no-one ever has. It'll be a mystery
> if that strange signal on my EEG or ECG is long-standing or not, because
> I've never had either.
>
> So, there's a potential downside of my records leaking: address, NHS number:
> ID Theft heaven. And there's no upside. So no amount of security can make
> that balance positive for me, so I should 93C3 my records under all
> circumstances.
>
>>
>> again i agree with the blame levelled at bad design and poor
>> implementation and just plain good ol' stupidity
>> however if the mil can do it why not leverage their experience?
>
> Their access control involves rather more barbed wire, dogs, 5.56x45 and
> 9x19 than the typical NHS hospital or data centre has available. They can
> insist on clearance for staff. They can write ``NOFORN'' on documents and
> mean it. They aren't subject to whole swathes of legislation. They can
> discipline staff, up to and including imprisonment, without recourse to the
> UK courts. They have crown immunity, de facto or de jure, in many areas.
> They have a totally defined chain of command. The staff treat the data
> like their lives depend on it because, in many cases, they actually do.
> It's a different world.
>
>
>>
>> i reckon that no matter what is said gov will go for a centralised
>> data resource for our medical records and i don't trust them.
>> what do you suggest would be the better option for securing those if
>> in fact "don't do it" is no longer an option?
>
> Here are your records Mr Batten, on this USB stick. (Seen those Super
> Talent Pico-C ones? Very neat). It's not encrypted, but there are binaries
> of our recommended encryption for OSX, Windows, Linux and Solaris on the
> stick too. If you want the source, it's there too: feel free to audit it
> yourself or pay someone you trust to do it. Or use another encryption
> package, your choice, provided it is a drop-in replacement. It's up to you,
> though: if you encrypt it and don't have a way to get the keymat to us in
> event you're not capable of telling us, or you simply don't have the stick
> available, it might affect your treatment. And if _that_ worries you, then
> we'll look after a replica on our spiffy computers and make it available
> over the network when you attend the hospital, under this governance policy.
>
> Personally, see above, I'd shove the stick unencrypted in my wallet: it's of
> no more value than anything else in there. I'd make a few backup copies,
> though, and those I'd lightly encrypt. Others, perhaps those with, er,
> chaotic lifestyles, will take the online option. Others will encrypt all
> the copies.
>
> ian
>
>
>
ok
you appear to be a couple of orders of magnitude up the
informed/civilisational scale than the majority of the patients that i
have treated over the years.
the only thing that i can rely on them having on their person is most
of their fingers and *maybe* one of their eyes - though not always.
- i am not kidding btw.
the idea that they would have a usb stick for longer than it takes to
swap it for a bag of heroin or the nous to give their real name when
they attend hospital is beyond even my optimism!
i am slightly concerned that you may be *seriously* out of touch with
the majority of our underclass.
Can i at this time extend an open invitation to you and anyone else
that wishes to come on a tour of Easterhouse and Possil with me to see
the sort of folk that i am designing for. You have previous mil
experience, i'll supply the landie.
:-)
kindest regards
mike
ps #/dislocations were my raison d'etre when i was in a&e