securing distributed partial medical records?

[Adrian Midgley]

signup at bealoid.co.uk wrote:
> i) Each person in the chain may well think "this isn't so bad, it's not
> everything, it's just an xray, it's not all the history"

There would be considerably more people in the chain, and the audit
trails in more places.

> ii) It would tend not to be "xrays on the xray server" but everything
> from Thistown Hospital on Thistown servers, and everything on Thatplace
> hospital on Thatplace servers.  Lab results, xrays, MRIs, etc etc get
> split up by hospital, not type of service. 

Actually, they get split up by type of service.


> Going to different
> hospitals, or outside your LHA / SHA area can cause problems.  
Because there has been a focus on inventing a new system, bigger than
any other IT project done previously, by its own descriptions, rather
than enabling a small number of existing systems to be questioned by a
small number of existing systems over a network.


> I dread
> to think what happens if people need to go outside country.
THe spine doesn't solve that.

A delegated system might, where the French machines ask the French
gateway which knows or can get to know them, the French gateway is one
of 150 or so machines recognised by the English gateway, and from there
things go on much as they would within England.  With an additional note
that this is about a patient currently beleived to be in or have
business in or have had business which is now about to be concluded with
a report from France.

It seems to me that this is an approach whcih scales, and that if we
decided that no good would come of talking to some particular national
gateway, why, we could stop or not start doing that.



> But that isn't what happens now - the GPs employ practice managers and
> outsource the computer stuff.

TO not very many firms, which have considerable G influence in them.


>  And the GPs who you want to
> be in charge sometimes have nothing (absolutely nothing) to do with
> confidentiality.

Yes we do.

-- 
A