CAP consultation and extension of access to PDS

David Hansen ukcrypto at chiark.greenend.org.uk
Tue, 14 Apr 2009 09:56:42 +0100 

On 14 Apr 2009 at 7:30, Mary Hawking wrote:

> PDS - the Personal Demographic Service - is the database held by CfH for 
> the NHS where all the population of England have their NHS numbers and 
> demographics recorded and accessible.
> To access PDS you need to have a smartcard and be operating in a role 
> needing access - to the whole population of England registered with a 
> GP.

<http://www.connectingforhealth.nhs.uk/systemsandservices/demographics/p
ds/contents/index_html> lists the fields of a system which is an open 
target for criminals aiming to undertake "identity theft". Which 
cretins came up with such a system and made it open to every Tom, Dick 
and Harriet with a piece of plastic?

> This consultation on the Common Assessment Framework
> http://www.dh.gov.uk/en/Consultations/Liveconsultations/DH_093438
> (which closes on 17th April) plans to use the NHS Number as the unique 
> identifier for care plans which spread across Health and Social Services 
> and for that will need many people outside the NHS to have access to 
> PDS.
> Does anyone else feel this is a security and privacy issue?

The issue is the PDS. Adding more Toms, Dicks and Harriets does not 
make for a step change.

Page 19 includes the following empty waffle:

`We will not share health information that identifies you (particularly 
with other government agencies) for any reason other than providing 
your care, unless:
 you ask us to do so;
 we ask and you give us specific permission;
 we have to do this by law;
 we have special permission for health or research purposes; or
 we have special permission because the public good is thought to be 
of greater importance than your confidentiality.´

The first two bullet points are fine [1]. The third is debatable. The 
last two are outrageous and just show how arrogant and uncaring about 
people the medical mob [2] are.

[1] fine provided it is explicit. No empty phrases like, "other 
bodies".

[2] a term which does not just mean quacks. It covers all those 
involved in health.







-- 
  David Hansen, Edinburgh 
 I will *always* explain revoked encryption keys, unless RIP prevents 
me   
http://www.opsi.gov.uk/acts/acts2000/00023--e.htm#54