Reply to post:

'Coding' cockup blamed for NHS cough-up of confidential info against patients' wishes

Anonymous Coward
Anonymous Coward

Weird, it should do.

Users have to use an authentication keycard plugged into a keyboard just to log-on, so the system should know what keycard was used to log-on and when

Users access clinical NHS applications by being authenticated against the national SPINE, using an encrypted key on a Secure ID card plus PIN or password. However, these applications (i.e. medical imaging, electronic patient records) are totally separate systems linked by a common framework, so once granted access to an application and allowed the appropriate permissions, it's up the developers as to what is audit logged.

If they or the application designers decide they can't be arsed to look up your identity for auditing purposes and just log the Trust or organisation you're accessing the application from, then unfortunately that's all that will get logged.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019