lists at internetpolicyagency.com
Mon Dec 20 11:30:15 GMT 2010
In article <09771C89-1530-4562-9E74-E98C0165953F at gmail.com>, Mike
Simpson <mikie.simpson at gmail.com> writes
>On 20 Dec 2010, at 08:24, "Mary Hawking"
><maryhawking at tigers.demon.co.uk> wrote:
>> Of course, the problem with HMG and NHS is that, even if they know the right
>> questions to ask, they appear to have a rule either not to ask them or to
>> ignore any answers suggesting this might not be quite what is needed!
>> Mary Hawking
>As it took Jon 2 years of asking various managers within msft before
>finally getting an answer by cornering bob in a corridor at the PDC I
>really wouldn't paint that as being "upfront".
Having been at a major intergovernmental event with MSFT present, and
admitting what I recounted, I think they were.
>In summary though, without explicit legal contracts stating that your
>patient data will not leave the datacentre in the UK or EU under any
>circumstances then you cannot proceed with that company's cloud
>solution without breaching the DPA - no matter what they promise is
Agreed, and that's what the suppliers do seem happy to come clean about.
Although I don't doubt there's may still be some need to "join up" their
intergovernmental position with that of the salesmen on the ground.
More information about the ukcrypto