Roland Perry lists at
Mon Dec 20 11:30:15 GMT 2010

In article <09771C89-1530-4562-9E74-E98C0165953F at>, Mike 
Simpson <mikie.simpson at> writes
>On 20 Dec 2010, at 08:24, "Mary Hawking" 
><maryhawking at> wrote:
>> Of course, the problem with HMG and NHS is that, even if they know the right
>> questions to ask, they appear to have a rule either not to ask them or to
>> ignore any answers suggesting this might not be quite what is needed!
>> Mary Hawking
>As it took Jon 2 years of asking various managers within msft before 
>finally getting an answer by cornering bob in a corridor at the PDC I 
>really wouldn't paint that as being "upfront".

Having been at a major intergovernmental event with MSFT present, and 
admitting what I recounted, I think they were.

>In summary though, without explicit legal contracts stating that your 
>patient data will not leave the datacentre in the UK or EU under any 
>circumstances then you cannot proceed with that company's cloud 
>solution without breaching the DPA - no matter what they promise is 
>"coming soon".

Agreed, and that's what the suppliers do seem happy to come clean about.

Although I don't doubt there's may still be some need to "join up" their 
intergovernmental position with that of the salesmen on the ground.
Roland Perry

More information about the ukcrypto mailing list