Lib Dems call for new NHS data security rules

The Liberal Democrats have called on the government to accept a set of priorities to stop the loss of confidential patient data from the health service. The party's shadow health secretary Norman Lamb has set out the priorities following the revelation, prompted by freedom of information (FoI) requests by the Lib Dems, of more …


New rules?.. NEW RULES??


They can't comply fully with the fecking old ones, FFS!

Unless, of course, the new ones are more, shall we say, relaxed.

The Big Opt-Out

In case any readers haven't yet registered their desire to opt-out of the NHS database and are prompted to do so, the NHS Confidentiality Campaign has a form letter here:



This isn't brain surgery

How hard could it be for government to just mandate AES encryption on all disks and media that they or their service providers use from a date in the not too distant future? Quick boost for the data security economy and done and dusted.

Then they just need to educate numpty users to not send it home or print it out.

Mine's the one with the Truecrypt container in the pocket.

"reporting as many incidents"

Could this be because they are reporting better than the private sector?

Yes, the NHS has a lot of data but, as a public body, its activities are a bit more transparent than the better funded private sector.

Pretty much all but the last are already in place, in not so many words. The problem tends to be end users who think it all applies to Other People.


"How hard could it be for government to just mandate AES encryption on all disks and media that they or their service providers use from a date in the not too distant future? Quick boost for the data security economy and done and dusted.

Then they just need to educate numpty users to not send it home or print it out."


So, to be clear you mean, like the way it is mandated and implemented?

Of course, educating the users (permanently) is an impossibility. However, it is a sackable offence to put non-encrypted data on removable storage in the NHS, which gets their attention when they are told. As we all know, though, users have a short attention frame and forget things like this quickly.

AC because this is something I kno 2 well. NHS iz meh clientz.

Let's consider the 5 points....

1. The Department of Health should publish minimum standards for the protection of data on mobile devices and ensure that all NHS staff are aware of their particular responsibilities.

Really? First off - define "mobile device". Does this include pagers? Or mobile phones? Data protection and security standards already exist. This is contradicted by point 2.

2. Patient records should not be stored on mobile devices and strict rules must apply to control the copying of data. Any exceptions must be authorised after a risk assessment.

No need for the protection of data on mobile devices if you don't store data on them. My partner works in the NHS and can connect to work via VPN, but the laptop build is quite fierce. Local printing? No. USB storage devices? No. It's a DVD-ROM, not a rewritable. The only way to get anything out is to email as an attachment, but that can easily be stomped on if required. And she has no access to patient data. With decent role profiles, you could be very selective about email attachments.

3. All mobile data devices should be protected through appropriate security controls, including the use of authentication, encryption, and other technical separation controls as well as registration and allocation of devices to an 'owner'.

Erm.... doesn't point 2 render this largely irrelevant?

4. Lapses in standards of care should be regarded as potential serious misconduct.

Care? What is "care" - to me that means patient care. If we are talking violations of security policy, this is a violation of TRUST. Which is significantly different. And it is regarded as potential serious misconduct already. It's more "loose lips sink ships" rather than letting someone die due to negligence/malpractice.

5. The government should formally abandon its plans for a national patient database.

Why? With the right safeguards in place, this is a no-brainer. It saves lives. Let me put it this way. I have a serious medical condition. Some standard treatments can kill me. If I am unconscious and poll up at A&E, I want them to be able to access my patient records so that they don't kill me. Also, I moved house recently. This caused me all sorts of problems with records and the non-seamless transition of care. And the duplication of effort. Worst case, re-keying of data. Been there, done that, and it is a fearful waste of money.

Oh, some of the e-enabled bits of the NHS aren't that e-enabled. The box that you send stuff to actually has tiny people in it, who print stuff out on tiny printers and re-key the data on tiny computers.

With the right safeguards, I repeat. Some parts of the NHS already have them, but there are weak points such as PCTs, single-handed/small GP surgeries (as opposed to big practices) and consultants with both NHS and private practice who push patients between the two.

Oh yes, the government's approach to NHS IT is fundamentally flawed - but that does not mean that the goals are wrong. OK, some of the mooted ideas about passing on non-anonymised data to researchers are just plain wrong, but the general impulse is right.

The reasons for the failure of public sector IT projects are many and various. One very compelling argument I've seen is that the magnitude of the projects is much greater than is seen in the private sector, in terms of the numbers of persons it deals with.

I can remember reading a very interesting article about standards for patient records in Scientific American - but my memory isn't so good. Can someone oblige?

The theft of an entire GP system? Well, it should have decent security. But, even so, the fact that an entire system can be stolen suggests a lack of physical security. For example, steal my server? No. Not unless you are prepared to get past my cameras, my alarms and carry a fairly meaty grinder. I've bolted my server into a concrete foundation with big security bolts. And the server has an alarm too. It's encrypted too. That's if you can spot it. It's in a non-obvious location. Other things as well. None of them particularly expensive.

Which brings me back to the 5 points. Where is the mention of physical security? Nowhere. Physical security is the primary line of defence against a lot of the hoo-hah we've seen about government departments losing data, etc... USB sticks - wear round your neck on a lanyard inside your shirt. Laptops. Never on display. Keep out of sight behind at least two sets of locks. Etc...



small practices are quite secure against actual threats

I'd disagree that large practices are necessarily more secure than small ones. As a singlehander I knew everyone who should be in the building. As one of three partners I still do. As one of 15 ...

And I don't think the national database is the way to go. Access under rules to distributed and existing systems is a more informatically sensible and more secure approach. It also looks a lot easier to implement - build a terminal which lies to the clinical system about being one of the usual terminals, and works through the usual messages to that clinical system to ask the usual questions, while talking on the other side to those it believes to be authenticated users outside.

Authentication is also better distributed, but there is a role for a central system - just a smaller and better understood one than the alleged spine.

I need patient data on mobile devices...

I'm a GP, and have had computers in our practice for 21 years.

I carry a Windows Mobile device with a cut-down version of all of my patients' records (encrypted) to enable me to manage patients when I visit them. The alternative is to take reams of insecure paper records - which I have to print out in advance, and which are MUCH less secure and easy to lose / leave behind.

I have a full copy of the practice medical database encrypted on my laptop. Each evening I update that and take it home. If the whole practice burns down, or the server dies before the overnight backup runs, or someone steals the server (lots of physical security in the premises) then I have a working version of the practice database that can be run off that laptop.

My copy of the practice's database is part of our Disaster Recovery programme.

So don't start telling me that I cannot take patient records out of the practice - it is essential to do so for DR and to enable me to treat patients.

Laurie Miles, GP

