outsourcing GP appointments to India: is this legal under DPA?
matthew at pemble.net
Sun Jan 16 14:01:44 GMT 2011
On 16 January 2011 11:42, Roland Perry <lists at internetpolicyagency.com>wrote:
> I don't pretend to understand the details of how that security is
> implemented though. But if it's good enough for them, would it be good
> enough for the NHS?
It's not good enough for CESG. At a basic level, you can copy the material
other than using the computer - a photo of the screen or just writing it
down would be enough for data sensitive other than through mere bulk. The
"information" has clearly transfered to a human located in India ...
I'll admit I don't quite understand your porn-magnate counter-example. Happy
to get pointers directly if you think I'm missing something basic that the
rest of the list are entirely clueful of :)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ukcrypto