securing distributed partial medical records?

jul kornbluth jul at healthecard.co.uk
Mon Jul 27 11:12:56 BST 2009 

Am*  allowed to blow our own trumpet - commercially speaking ?*
**
*Our Health eCard puts the complete digital medical records in the hands of
the patient.  It can be kept up to date after every encounter with
clinicians in 30 seconds flat.  And in most cases he is there on hand when
they diagnose, treat or operate on him!*
**
*Yes, it does not create one single health record, but allows
different reports for different types of secondary and tertiary care
records, but all digital images are collected together.   Clinicians in the
UK will report back to the GP and the main record will eventually be
updated, but in the immediate term a clinician may have to look at different
entries   And treatment abroad can be recorded, even if the foreign hospital
does not report back to the UK GP.*
**
*Primarily the patient is in control who gets access to his record, no
worries over confidentiality, consent or similar issues.  The clinician who
has been handed the card can get on with the professional job he has been
trained to do, which is to treat the patient.*
**
*Jul Kornbluth*
**



2009/7/27 Richard Jones <rich at annexia.org>

> On Sun, Jul 26, 2009 at 10:58:30AM +0100, Adrian Midgley wrote:
> > Ross Anderson wrote:
> > > Quoting signup at bealoid.co.uk:
> >
> > > The techie would be far better trained, and have a far better
> > > understanding of "file locking, version control, access and
> > > write levels / permissions". The gynaecologist didn't have
> > > such training: she had incentives, from a direct duty of care
> > > to her patients, through to the survival of her business.
> > >
> > > Ross
> > >
> >
> > This is my feeling about the threat model.
> > I'd also add that the temptation for perfectly honest people to
> > perfectly honestly believe that what they are doing with access to
> > centrally held data is perfectly honest and wholly beneficial and that
> > nobody need be told about it, act on that perfectly honestly held belief
> > and later receive a horrible surprise when a different view surfaces
> > along with a long history of perfectly hoenst misunderstanding is
> > reduced if the xrays are on the xray server, the lab results on the lab
> > server, the GP notes on the GP server, and each server keeps a record of
> > who asks for things, and tells its custodian.
>
> There's also a psychological distinction with this: If I just have to
> type "ADRIAN MIDGLEY" into a computer terminal located in my private
> office to pull up your medical records, then that's a lot easier than
> if I have to haul myself along to your local GP and ask your GP's
> receptionist face-to-face to see your paper records.
>
> Rich.
>
> --
> Richard Jones
> Red Hat
>
>
> ______________________________________________
> This email has been scanned by Netintelligence
> http://www.netintelligence.com/email
>
>


-- 
Jul  Kornbluth
Health eSystems Ltd     (UK Company Reg.  5754837)

6 Dalston Gardens,         Stanmore HA7 1BU
Phone 020 8206 3500      Fax 020 8206 3501

e-mail      jul at healthecard.co.uk
website   www.healthecard.co.uk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.chiark.greenend.org.uk/pipermail/ukcrypto/attachments/20090727/014f1c80/attachment.htm>

More information about the ukcrypto mailing list