If one only uses the cloud (whatever that turns out to be) for data storage, then encryption <br>of that data before passing it to the storage, and decryption locally after retrieving it provides a degree of reassurance against a company with extensive hopes of government sales, or which has considerable earnings within the sphere of influence of a government, dragging copies of one's data from wherever it might be (indeterminate, presumably, if it is in a cloud) and handing it over.<br>
<br>But yes, hard to process information without being able to decrypt it.<br><br>Perhaps not impossible - the contents of each data field (but not each metadata field) might be encrypted against a key held by the user, and then passed to the server, which can assemble to fields into a correct record without decrypting the actual text.<br>
<br>It wouldn't work very well for Read Codes if they were stored in a relational database fashion, but if they were stored like EMIS does it would reconstruct the visible notes.<br><br>ANd it would not support searches of a large population quickly, as a relational database does, however it would work as well as anything does with a document model of record, which I continue to think is potentially much better for the doctors and others making the record, and no worse for those using it for day to day medicine.<br>
<br><br>Putting notes you've made on a computer someone else controls, for whatever level of in-group you care to adopt (me, me and my partners, my consortium, the NHS, all EEC health services, the world, the inhabitants of the observable universe including our entire future lightcone) is dumb. If you want to control access to them.<br>
<br><br><br><br>-- <br>Adrian Midgley <a href="http://www.defoam.net/">http://www.defoam.net/</a><br>