In defense of Alex
OK guys, lighten up.
I would agree with ribbing Alex a bit for considering a database the IDEAL solution, but he does have a point - one of the huge problems is the absence of data sharing. There are a couple of ways of fixing that, and a central database is one of them.
However, I note with interest that nobody disagrees with the database per se - the main concerns and flames are about access control which in the current model appears, well, let's call it weak and consider it a mild understatement (cough).
At the moment we have no idea if this database will really help or not. The statements made in Parliament were misguided and in some places wrong, but let's consider the available skill level there - who knows if she even understood the briefing? I bet it was full of jargon to start with which defies most mere mortals, let alone MPs :-).
However much I'm against the idea of giving this government even more data to lose, maybe we should concentrate on what can be done to make databases and information management overall safer (and offer some new ideas while we're at it). There are ways to do it right, but that cannot make headway by being totally negative - we have to start somewhere. So let's start with this one.
Training the end users is at least something new. That doesn't turn them into the safe beings we'd like, but it's a start. Working on some sort of role template to restrict access is a good idea too. Creating rock solid accountability would be nice too - if you know that every access under your name will be visible on audit you'll become more careful too. Etc etc etc.
What I'm especially interested in here is the disaster planning for when a leak occurs. This is called managing risk, and I would hope to see evidence that this project has thought a bit beyond just managing the bad press if it goes wrong. Realistically, anything that size will always have some leakage (usually via personnel) so you need to plan for that. Lockdown, audit, the works. I have seen nothing so far which actually worries me more because it suggests an absence of realistic risk assessment. Given the people involved I can't quite believe that, but I prefer evidence over assumption.
Let's get creative and constructive. Being negative is easy - it's also incredibly lazy. Granted, that's not a bad attitude for IT people (grin) but it doesn't show any insight.
Or have you all given up already?