Feeds

back to article Prime Minister's health records breached in database attack

Personal medical records belonging to Scotland's rich and powerful - including Prime Minister Gordon Brown and Holyrood's First Minister Alex Salmond - have been illegally accessed in a breach of a national database that holds details of 2.5 million people. The files contained names, ages, addresses, and occupations of the …

COMMENTS

This topic is closed for new posts.

Page:

Black Helicopters

You left out the most interesting bits

Oh come on and spill the beans.

What's Gordo taking?

My guess would be drugs to combat high blood pressure, hypothyroidism and depression.

0
0
Paris Hilton

I'll Be Opting Out, Then

I think I'll be opting out, then.

Just this morning, I got a letter from my local NHS patch telling me about the NHS Care Records Service. Amongst other things, the letter says, "The new service is being introduced to help deliver better, safer care and give you more choice about who you share your healthcare information with."

The letter goes on to say, "If you would like to have a Summary Care Record, and the added protection it can offer, you do not need to do anything - your GP will automatically create your new record on or just after 22nd June 2009." Brief details are then given on how to opt out.

With the letter came an accompanying leaflet about the NHS Care Records Service. Throughout the leaflet, the following marketing tag-line is repeated: "It's good to share." The leaflet also says, "The NHS Care Record Service uses the strongest security measures - stronger than those used for internet banking."

In light of this government's appalling track record on data security with people's personal details - not to mention the growing police state - I was already anticipating opting out. This article has pretty much decided it for me.

For those interested, the NHS Care Records Service have their own website: http://www.nhscarerecords.nhs.uk/ Their FAQ contains the following gem:-

"Is the NHS Care Records safe from hackers? How secure is the NHS Care Records Service?

"It would be very difficult to hack into it because the system uses the strongest national and international security measures available. It uses stronger safeguards than internet banking."

Paris - do I need to list reasons?

0
0
Happy

Nothing to hide ???

Sorrry last post should have read:-

Now will they see how stupid the 'nothing to hide' argument is?

0
0
Pirate

Sweet

Maybe eventually they will realise.

Muppets.

0
0

Never mind.

If they've nothing to hide, they've nothing to fear.

0
0
Anonymous Coward

It will just keep happening

and notice it is the staff that are doing it, you can just not trust anyone in the NHS cabal, they are more interested in putting into place Sharia law, and tithing to the pharmaceutical companies.

Scots are soon not to be allowed to drown their sorrows, oh alcohol naughty, but patented prescription drugs good, it is so obvious and immoral, but people just blindly follow this corrupt lot.

0
0

The weakest link...

It doesn't matter if you have 128 different 1,024 bit encryption algorithms stacked on top of each other - the weakest link in any electronic database is its users. Give them access to the entire database, and sooner or later someone will abuse their privileges and access records they have no business to be accessing.

Dare I mention "ContactPoint"?

Now here's a simple idea to make these databases a bit more secure - without the need for additional encryption algorithms etc.

If you request access to a record for a patient / client who's not normally dealt with by your team / practice, you have to get the request electronically authorised by a manager (social care databases already require manager's electronic authorisation to 'sign off' and complete certain assessments). Even when authorisation has been granted, it should create an audit trail that can be accessed by their manager - even better, automatically notify their manager of whose record has been accessed. It shouldn't create too much of a burden - I'd assume "out of area" requests are fairly infrequent...

OK, so it's not foolproof (no system could be), but the countersignature should put off the majority of people intent on nosing around...

0
0
Happy

Ha ha ha ha ha ha

Ha ha ha ha ha ha ha ha ha ha ha

Don't worry though, the ID database will be totaly secure, this kind of thing could never happen. All users will be heavily vetted.

Ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha

It's in the database!

0
0
Pirate

Brilliant

Simply brilliant! Gordo's first into the (inter)national database.

Now, we still need volunteers from the DVLA to ransack other high-up politicos data, come on people, we need to get Wacky Jacky!

0
0
Boffin

To the latently Caledonophobic Dan Goodin:

Brown isn't Scottish, he's British.

Haven't you been listening to /anything/ he's been saying?

0
0
Flame

I'll Be Opting Out, Then - Part Deux

Same Anonymous Coward here.

Turns out you can't opt out of the Detailed Record, only the Summary Care Record. I've downloaded, printed and filled in the opt-out form. Looks like I'll have to talk to my GP surgery about restricting access to the Detailed Record. I'll make it absolutely clear to them that I want access restricted as much as possible, with as little sharing as possible.

I'll also tell the NHS just what I think of their FUD. For example, the leaflet they sent me includes this bit of gentle FUD:-

"Not sharing means:

* doctors may not have all the relevant information when making decisions about your treatment

* you might need to remember and regularly repeat information about your treatment, medical history and medication

* your treatment might be delayed while paper notes and results move around."

No mention of serious data security breaches, though. Or the risks of living in a Big Brother police state.

I'm frankly disgusted with how they're trying to FUD people into going along with it.

0
0

Is a title needed

Quote;

The letter goes on to say, "If you would like to have a Summary Care Record, and the added protection it can offer, you do not need to do anything - your GP will automatically create your new record on or just after 22nd June 2009." Brief details are then given on how to opt out.

This sounds a bit like p***m --- surely if you want to opt out, the record should not be created at all, if it is you are already in whether you like it or not! No, it should be opt IN then if you say no, no record is created.

The letter should say

"If you would like to have a Summary Care Record, and the added protection it can offer, see your GP who will automatically create your new record on or just after 22nd June 2009."

0
0
Anonymous Coward

@Alan, Re: Is a title needed

Opting out means no Summary Care Record is created. Or if it's been created, it gets deleted. It's automatically created unless you opt out before that happens.

0
0
Silver badge
Boffin

"highest standards of security."

*WHOOOOP* *WHOOOOP* *WHOOOOP*

Danger! Danger!

Irony level overload...!

*WHOOOOP* *WHOOOOP* *WHOOOOP*

0
0
Joke

I'm following Gordo

I'm posting my health records on Google Health to share them with everyone.

0
0
Anonymous Coward

Re: I'll be opting out then

The thing about a list of medication and alergies is that it is often required for a person who is unconcious or unresponsive. That pretty much means that you need to trust medical staff who (a) know that an inappropriate access will be detected, and (b) can expect to suffer consequences if they do so. If you have a better idea, then write it up and become famous, but that's the best one going at the moment.

In this case, the system worked as designed. A person in a position of trust abused his access, was detected, and has been arrested.

If you want to opt out, then I'm guessing you aren't strongly allergic to any common medications, and don't have any other conditions that an emergency medical team would need to know about, so go ahead. For people who regularly take fifteen or twenty medications, it is not just annoying but scary to have to tell hospital staff what they are taking. If they forget one, or the person admitting them copies the list incorrectly, they may be given something that conflicts. A database like this gives peace of mind (and better care) to a lot of people. Specifically, it can improve and speed up care for a group that makes up a minority of the population, but a significant fraction of casualty admissions.

If you are more worried about someone learning about that Viagra prescription than you are about informed emergency care, then it's good to be able to opt out. You may have a stroke and be given something that reacts badly with it while you can't think straight, but what are the chances of that? For a lot of people, the risk is much higher.

0
0

sharing

"Not sharing means:

* you might need to remember and regularly repeat information about your treatment, medical history and medication"

there are very good reasons why doctors ask you to repeat things that have nothing to do with their ability to access your records or not, similarly nurses administering drugs don't ask you questions because they don't have your records

just more government claptrap

0
0
Black Helicopters

@ Gerhardt

re: To the latently Caledonophobic Dan Goodin:

Sorry, you've got entirely the wrong end of the stick there - as a Scot, Gordo Broon is allowed, nay, ENCOURAGED to celebrate his Scottishness.

Its only being ENGLISH thats illegal.

0
0
Gold badge
Joke

@Gerhardt

Exactly what do you have against the English, Welsh and Northern Irish that makes you say that?

I think it's highly unfair of you, not to mention insulting and insensitive, to tar the rest of us with that particular brush.

0
0
Paris Hilton

I'll be opting out too.

No need for any potentially embarrassing medication here and I'm only allergic to peanuts, house dust and animal fur so I reckon I'm fairly safe in casualty unless they inject me with a bag of dry roasted and make me clean up the dog's bed with a leaky vacuum cleaner.

If I was strongly allergic to any medication I'd be wearing a medicalert tag of some description just in case my medical records weren't accessible.

Although I don't disagree that a nationally accesssible medical database is a good idea, the problem is that I don't trust them to run it securely, accurately or even efficiently.

FFS the NHS can't even manage to keep their machines patched with Windows updates which any admin who has an ounce of knowledge can do automatically with minimum/no disruption to users.

As with almost all public IT projects, this will be out of date by the time it's implemented, it will be massively over budget, it will be unreliable and prone to failure, there will be the usual gang of corporates with their snouts in the trough suckling on tax payers money and taking no part of the blame when it falls over in a smouldering heap.

Paris, no need for viagra.

0
0
Unhappy

@AC - 07:26

Unfortunately, previous comments are not just about Emergency Care Records, but the full scale, we're recording everything from coughs and colds to mental illnesses, database, not just which prescriptions are being used. The information on the database that was stolen, was a small subset of that which could be stored on the full NHS database. Someone finds out that I am allergic to pennicillin, fine, I'm not that worried, someone finds out that I have a mental illness, that's a different matter. Emergency Care Records that can only be accessed, with my permission, or when I'm unconscious, I'd be prepared to do that. Full medical records, available to anyone I have cause to meet in the NHS? I don't think so. I'll be opting out too.

Oh, and how about people just take responsibility for their own emergency medical information. People with allergies tend to wear those rather funky bracelets with all the necessary in. Bet nobody would have been able to nick Gordo's info if he'd kept it in one of those.

0
0

@ Anonymous Coward 03/03/09 07:26 GMT

If I had been found to have a seriously bad reaction to a particular drug (or any substance not generally expected to cause harm) I would certainly not want to rely on records (computerised or otherwise) or my ability to remember any of them - it would be on one of those bracelets (http://en.wikipedia.org/wiki/Medical_identification_tag) or, more reliably, tattooed on my chest.

0
0
Paris Hilton

ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha!

ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha!ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha! ha!

Paris, cos she likes a good laugh!

0
0

@Gerhardt

I try not to. He gives me a migrain... I wonder if that should be on my records...

0
0
Stop

@AC 07:37

"n this case, the system worked as designed. A person in a position of trust abused his access, was detected, and has been arrested."

But DID the system work as designed? Had this doctor accessed my record or yours would anyone have noticed?

I suspect that what actually happened is an audit was run on access to one of these individual's records. Then all individuals who had accessed that record were audited.

This may catch those who access records of the rich and famous but does nothing to protect Ms Jones from Cardiff from a stalker or similar.

0
0
Bob

*sigh*

I despair of this country when this kind of thing happens so regularly and the general public care so little that we're still on track for a national ID database. Soon enough disinterested British people will get the invasive and overbearing regime they deserve...

0
0
Stop

@AC 07:26

"n this case, the system worked as designed. A person in a position of trust abused his access, was detected, and has been arrested."

But DID the system work as designed? Had this doctor accessed my record or yours would anyone have noticed?

I suspect that what actually happened is an audit was run on access to one of these individual's records. Then all individuals who had accessed that record were audited.

This may catch those who access records of the rich and famous but does nothing to protect Ms Jones from Cardiff from a stalker or similar.

0
0
Paris Hilton

the thing about ignorance

"The thing about a list of medication and alergies is that it is often required for a person who is unconcious or unresponsive. That pretty much means that you need to trust medical staff who (a) know that an inappropriate access will be detected, and (b) can expect to suffer consequences if they do so. If you have a better idea, then write it up and become famous, but that's the best one going at the moment."

Sorry I do not believe that you have understood the critique at all. I am sure that most people here in the UK who are against this particular scheme are not necessarily against all of the foundational ideas underpinning the NHS. The problem in your argument is down to the overgeneralised use of "need to trust medical staff" nonsense. First of all it is not true that all medical staff need to be trusted. Second, the use of this database is NOT limited to "medical staff" (what ever that may be?). Third even if we had a selective vetting process (which we do not) the problem with the current agenda is the move towards centralised control not the advertised ambition. Basically it is not true that everyone who "might" under special circumstances need to have access to some medical data should under all circumstances have access to most of the data! Your proposition about "If you have a better idea, then write it up and become famous, but that's the best one going at the moment." is patronizing and either politically grounded or based on ignorance. Seriously - are you really that blind that you think the UK solution is the only one? Yes the NHS is based on an extremely worth while idea and ambition - but do you actually believe that the issues with access to healthcare data has not been dealt with anywhere else in Europe? Many countries have developed their national health systems - but without the all encompassing NHS central database or the slack "trust all medical staff without personal vetting" or selectiveness attitude. There is no need to have "one" database and there is a serious need to spend more time to develop different type of access protocols with different type of restrictions with personalised vetting models. Sorry there have been many papers and governmental reports written on this issue which is not new in any way. In the Scandinavian countries these things have been discussed since the 1970's and also in countries such as Germany and Austria there have been plentyful of "papers" written since at least the 1980's in their political strive to solve exactly the same problem. But in very different ways! As usual the UK suffers greatly from being populated by many people who seem to believe that the world is constituted only by those countries where people speak a variant of the english language... And some of those are rather developed.

0
0
Linux

Funniest thing I've heard in ages....

Gerhardt - I think you'll find Brown 'started in America' and is now a global pratt.

My guess for Brown's medication is something to counter his obvious mental decline. Lithium perhaps maybe some heavy anti psychotic's.

0
0
Gold badge
Thumb Down

@AC 07:26

"If you want to opt out"

No, whoever you are. The correct question is if I want to opt *in*.

The fact it's phrased that way says a lot about the arrogance of the people who thought this one up. The solution chosen was to rely on natural apathy to avoid any questions. Rather less "informed consent" than informed contempt (from the NHS).

Your right that that system did catch this person. But what level are they? An A&E doctor should logically have more access than a GP who will normally only treat people on their practices list. Consultants (logically) would need individual files from multiple practice lists.

But is that the way it really works? 5 minutes thought sugests some sort of hierarchy.

But what of the benefits.

"The thing about a list of medication and alergies is that it is often required for a person who is unconcious or unresponsive"

I would expect people who regularly visit their local A&E to become a recognised patient. Unless they get in trouble away from home. Don't A&E staff look for ID? Contact details of Next of Kin, GP etc? Most people I've know with such alergies and needs (typically diabetics and antibiotic allergy) wear bracelets or pendants with this information inscribed.

"For people who regularly take fifteen or twenty medications, it is not just annoying but scary"

Call me a bit of anorak but I'd be carrying a laminated (waterproof) card with that many different meds, their dosages, schedules and contact details seperatley from my wallet, possibly around my next. Who needs that range of meds? Survivors of 90% 3rd degree burns (how did they get our of Intensive Care), multiple transplant recipients?

So this system could really benefit a)People who egularly end up unconcious in their local A&E but are unrecognised by staff (their face is beaten till its unrecognisible perhaps) and have no ID of any kind on them or b) A hard core group of multi-medicated people who travel round the country (individually) getting into situations where they end up unconcious with no ID and no one to answer questions about them.

So how much of that £12.7Bn did this system consume.

Let us make it clear. We stay out of their hospitals, they stay out of our medical records.

It just hit me. You don't by any chance work A&E at one of the Glasgow hospitals at the weekends, do you?

Otherwise what is Gordo (and Alex for that matter) taking these days.

0
0
Stop

Minor Correction!

This is all well and fine, but this story relates to the Scottish NHS computer system which has nothing to do in terms of design, solution, security safeguards of the English Care records service. I dont think anyone can opt of the scottish solution.

0
0
Heart

RE: You left out the most interesting bits

"Oh come on and spill the beans.

What's Gordo taking?"

It's not just him it's Salmond too.

...and the answer is "too many greasy fry-ups and too many pies"

<-- is this the "hardened arteries" icon?

0
0
Thumb Up

@mittfh

Mittfh - everything you suggest is already built into ContactPoint and is being applied.

0
0
MGJ

The Irony

If his records were still on paper, no one would have known that someone was surfing them. Just because it became easier to do, also means it is easier to catch someone doing it. If you think that your paper medical records are securely held, you haven't been to GPs surgery recently, or been pregnant.

0
0

Opt out for important people

Well, the solution is obvious: there should be a special provision for important people. Only us plebs should be left vulnerable to such unauthorised access of our medical records.

0
0
Stop

@AC Re: Re: I'll be opting out then

Opt-out Anonymous Coward here.

I do have an allergy to a very common medication. And I agree, the official purpose of these Summary Care Records is essentially good, but the official purpose isn't necessarily the real motivation. I'm concerned about this increasingly tyrannical government we have, and how they're turning this country into some kind of fascist state (where the individual is the property of the State). I'm not going to let this government succeed by holding my health hostage in an effort to take control and therefore ownership of my identity and privacy.

Before the introduction of this NHS Care Records Service, how are people with dangerous allergies to common medications protected? One simple method is for the individual to wear an easily found medical alert bracelet. They don't have to be concious for medical staff to look for such things. It's an existing system that works well, makes sure the relevant medical information is with the patient at all times, and is pretty much immune to system crashes, data breaches, etc. It leaves the patient's medical details in the possession and control of that patient, along with their identity and privacy.

This new system puts the State in control, and relies on the State doing it right. It takes responsibility and control away from the individual, and puts them in the demonstrably unreliable and untrustworthy hands of the State. It is the Nanny State at best, fascism at worst.

You say, "In this case, the system worked as designed." It did not. While an individual suspected of the unauthorised and abusive access has been arrested and is being prosecuted (not convicted yet, might be innocent), the prospect of such a criminal conviction did not deter whoever it was who did breach the allegedly "strongest security measures". Such a breach simply wouldn't have happened without this State-centralised system.

As for how this system is supposed to protect unconcious patents, I would say that's exactly what demonstrates this system to be unnecessary. An unconcious patient can't say who they are, and without knowing the ID of the patient, the NHS Care Records Service can't be used to access their Summary Care Records - useless! That means the patient has to have suitable ID on their person for medical staff to find - essentially the same as the existing system with, say, medical alert bracelets!

Medical alert bracelets, and the like, provide important medical information immediately, then and there. No need for database look-ups. No accompanying risk of data security breaches. No problem if, for some reason, the database can't be reached at the time of a medical emergency. The individual, not the State, remains in control and possession of their own identity, personal details, and privacy. So your argument in defence of Summary Care Records is actually an argument against the whole scheme.

And then there are wider questions, such as how to make sure potential patients always have adequate ID on them - ID cards? And then there's the stuff going through parliament right now about data sharing across the State, not just within the NHS. Add it all together, and this NHS Care Records Service turns out to be more a part of New Labour's increasingly fascist State than about genuinely helping patients.

I think your FUD has backfired.

0
0
Sam

The Prime Mentalist

My money's on largactil...is the list online yet?

0
0
Heart

The Unconscious Emergency

The old chestnut of the Unconscious Emergency gets trotted out a lot in these circumstances.

First of it is pretty rare that someone pitches up unable to communicate (or without someone else who can). It is even rarer that this is caused by some pre-existing condition. Mostly they have had some sort of catastrophe such as being hit by a car or a heart attack or some blood vessel stopping working for some reason. None of these helped by past history much.

Allergies? Well occasionally relevant but again not that common - and certainly not as common as medical records say they are!

But that is not the biggest problem. The big problem is that for these few cases where past history is useful - say epilepsy, type one diabetes etc a centralised record is a rubbish way of dealing with it. Medic alert jewelry conveys the same information, does not have too many access problems and works where the record does not - supermarkets, England, France, Mt Kilimanjaro.

So please no more about Mr Unconscious (one of the duller Roger Hargreaves books) - it is a myth.

0
0

Allergies

If there's something which an emergency medical team ought to know about then surely you ought to rely on one of those bracelets with engraved information about your allergy/condition. If you rely on them being able to find your records then that assumes you carry your primary key on your person. So AC, do you have a photocopy of your NHS card in your wallet?

0
0
NB
Unhappy

nice

Nu-Lav IT security at its best.

What a bunch of clueless, brain-dead, mind-numbingly ignorant, holier-than-thou, we-know-best, fucking cocks. Also don't forgot to join the facebook group Say NO to Clause 152 (http://www.facebook.com/home.php?#/group.php?gid=54487688497) and No2ID itself. We're just one step closer to goose-stepping our way into fuhrer Broon land.

Fucking one-eyed scottish idiot.

0
0
Alert

Idiots..

I'm sorry but the majority of the responses on here are made by idiots who have no idea about information security.. "just cos you run linux dont make you a security expert" reading the story it looks like the perpetrator was caught so theres your "audit trail" working. The NHS has over 1 1/2 million employees, 22,000 network endpoints and saving lives will always trump security (any CISSP's here?) theres bound to be a few bad eggs and yes humans will always be the weakest link.

And a message to all those who are now hurrying to "opt" out.... Im sure your decision will bode you well when you are lying on a trolley unconcious in a hospital A&E dept.... again... idiots

0
0
Anonymous Coward

@Re: I'll be opting out then

Tsshh oh fuck allegies, most people who have a severe allegy have a plathera of options (wrist bands may be more useful then relying on a less then perfect database, keeping a list on them, they're your meds and allergies you manage them.)

How about you suffered perlonged sexual abuse, information that may in the wrong hands lead to any number of personal issues (limiting job opportunities (let's face it you'll probably be a liability of some sort) making you sex offenders, making you a black mail target.)

How about you've spoken to a psychiatrist about your desires towards children, again this information could be used to blackmail you, remove your ability to work and put your life at risk and also risking undue interest from the law.

There are a great many other things but those were just the first two I thought of (and they go together.) More include a wide range of mental illnesses, concerns, quibbles,

As with most personal data centralisation, it's stupid and dangerous. Sure in a perfect world where everyone one is nice and happy then there wouldn't be a problem. However that isn't what the world is like, just becouse someone can gain the trust of the idiots in charge of a database doesn't mean they arn't an evil scheming basterd.

And what kind of people have access to database, well data inputters, nurses, doctors, dba's, data anallysts, data cleansers, administrators, secretaries, trust managers, so on and so forth.

0
0
Alert

@ AC

"If you want to opt out, then I'm guessing you aren't strongly allergic to any common medications, and don't have any other conditions that an emergency medical team would need to know about, so go ahead. For people who regularly take fifteen or twenty medications, it is not just annoying but scary to have to tell hospital staff what they are taking. If they forget one, or the person admitting them copies the list incorrectly, they may be given something that conflicts"

That's all well and good but I've seen friends like that admitted to hospital recite their list verbatim and then still have the staff get it wrong, and besides just because the system is the best a bunch of incompotent muppets can cobble together whilst presumably drunk doesn't mean we should use it lieu of something more secure than a wet paper bag

0
0
Anonymous Coward

@ Anonymous Coward 07:26

You're talking about an edge case that affects very few people here. There's no need to spend billions on a database to get round this problem; use a tag.

Also, if you're seriously ill, do you want the medics to start sorting you out or start faffing about with a computer?

"That pretty much means that you need to trust medical staff who (a) know that an inappropriate access will be detected, and (b) can expect to suffer consequences if they do so." - this is bullshit, NHS staff routinely abuse their privileges, are not detected or if they are, they are not penalised. This being the exception that proves the rule.

"In this case, the system worked as designed. A person in a position of trust abused his access, was detected, and has been arrested." - stupid. sounds like you're making money out of the NHS IT bandwagon. No database means abuse of privilege is limited to the doctor's or hospital's premises, and that's the way I like it. If you construct a database it will be abused. If it's a big database on the internet it will be massively abused. FFS these fuckwits are going to put put your medical records on the fucking internet - have a look at some morons here: http://www.nhsalliance.org/media.asp?display=press_release&press_release_id=387

If this scheme is sooo fucking good how come it's getting forced down our throats? IF there are people with allergies (this appears to be the _only_ justification for siphoning £billions off to a load of dodgy IT contractors), then by all means set up a database for them, if they _want_ to be on it. My guess is that the number of takers would be in the low thousands.

The point about this farrago of bullshit is that people don't go down the pub and drone on about how there should be an NHS database - the reason being that no one wants it. This fucking monster is the bastard offspring of a politician out of a global technology services provider and we're going to be paying for it and have our details stuck on it whether we like it or not.

0
0
Stop

FFS

Surely doctors should only have access to their own patient's records.

From the Department of Common Sense.

0
0
Anonymous Coward

@Idiots..

You evidently know nothing about the trust, even if you work in it.

And you're also talking junk when you talk about A&E.

People with allergies, serious medical needs, etc, should have on them at all times identifying materials that will tell medical professionals what they need to know. Why? Well becouse you never know when an emergancy will strike.

Terrorist attack/misc disaster(plane crash in a residentual area)/Natural disasters with 100's of people injured, do you think authorities have time to check every persons medical records? No they just want to check around your neck or on your wrist then do what they need to stabilise you.

What if you get ill abroad where they don't have access to the magic database?

What if you have the same name as someone who has no allergy and they get that record first?

How are they to know you are a person in a medical record? Your national id card perchance? A medical card? If you already have a god damn medical card why doesn't have the immediate medical details of interest on it? What happens if your in a blast or a fire and the card is rendered unreadible? Will the medical card have rfid? What if the rfid has broken? No the wisest course is a necklace and wrist band, possibly ankle band aswell, anything else is rubbish.

There are probably thousands of reasons this unified database is stupid and will put lives at risk.

0
0
Stop

Charged under the DPA?

So exactly how is this Dr being charged under the DPA? For the past year the ICO have been telling members of the public that they have no powers to take DPA breaches to court and that the only option for court is a private civil prosecution where "damage" must be proved in order for a case to stand a chance.

So it is interesting to see that when the rich and famous get their data abused suddenly the ICO are taking criminal action?

Thereis not enough info in the article to determine exactly what action is being taken and how - I would be very interested to find out.

0
0
Pirate

Re: Idiots..

"saving lives will always trump security"

That's just wrong. So, so wrong.

I'm fed up with this sheep-scaring propaganda that uses the threat of death to try to herd people into submission. It's wrong, it's evil.

See the "LIVE FREE OR DIE!" comment under another article for why: http://www.theregister.co.uk/2009/03/02/convention_liberty/comments/

0
0
Bronze badge
Thumb Up

Fantastic!

Let's hope that this little example is recorded in the agenda for the next Wacky J meeting on the national comms DB. Yeah, I know. Fat chance!

Couldn't have happened to more deserving people.

0
0
Gold badge
Coat

@Gavin Jamie @AC11:04

"First of it is pretty rare that someone pitches up unable to communicate (or without someone else who can). "

Yes that's what I suspected.

@AC 11:04

One staggering figure to keep in mind. The NHS is the 3rd largest institution in the *world,* after the Indian Railway and the Chinese Army. But I doubt its anywhere near as unified.

But having said that hello Mr NHS person again (or are you another one).

"reading the story it looks like the perpetrator was caught so theres your "audit trail" working"

Impossible to say given the available details. I'd have thought the NHS would have liked to publicise this as an example of exaclty this kind of eternal vigilance.

"Im sure your decision will bode you well when you are lying on a trolley unconcious in a hospital A&E dept"

I'm a bit slow so help me out. I'm unconcious with no ID on me and no one with me (the case your predecessor was fond of). How will you get my NHS number or other key to an NHS medical record off me? Or will you treat me the old fashioned way. Treat as usual but watch for allergic reaction with existing drugs.

Since you sound like you're accessing some kind of NHS stas system perhaps you could also give us the ball park figure of how many of patients need more than 10 seperate drugs? lets get some bounds on how big a *real* problem this might actually address.

I'll be waiting.

By the way I know drugs exist for delusions but are there any specifics for low self-esteem and paranoia?

The last party conference. Gordon Brown high on a positive vibe. Tony's gone. No one (not even Gordon it appears) suspects whats coming with the banks. Polls good. Never a bette time to go to the country and get the peoples mandate. Even I would have voted for him. so with all systems go he goes Lister on us.

"Sir. All sensors indicate this is a fully working time/space engine."

"So whats the catch"

"There is none. If we set the co-ordinates it will take us anywhere in time and space instantly"

"There's always a catch Kryt's. It never works like its supposed too."

Seriously how else to explain what actually happened? A complete bottlectomy. I think Gordo should be topping up on his 'scripts

We have no need to know this information. And the doctor had no need to ask. So how could he in the first place?

You can guess whats in my jacket pocket.

0
0

Page:

This topic is closed for new posts.