Sunday, 7 June 2009

NHS Security. Your personal medical records in their hands.

Our glorious leaders want everyone in the UK to have their medical records on a central computerized database with a few limited exceptions using the Orwellian principle that all pigs are equal although some are more equal than others (especially at the trough but then they were not keen to share this fact with you the Public).

Equally you the public might be a little unhappy to share certain parts of your medical history with the greater world that exists outside of your doctors (hopefully still) confidential consulting room.

One of the team recently chatted with an emeritus professor of medicine who told a saga of how long it took them to get a NHS laptop. The professor said if he had gone to a local computer store he could have walked out of the store and been using the laptop in minutes. Use the NHS to procure a laptop and it took months (of bureaucracy).

The professor still lectures and takes presentations with them on a memory stick. The professor’s new NHS laptop does not let him transfer any data from his laptop to any other device. This was especially annoying as he transferred some files from an old computer to his new one and then found he could not do the reverse after editing them. So hours of work were lost on a presentation.

Is it there to protect patient or is it there to protect Party sensitive data reaching the outside world?

However, our professor being a professor, was curious and found that there was a flaw in the NHS computer security system. Not rocket science, you could email files to the world wide web with no restriction! Might be a little slow but breakdown any problem into small pieces, transfer it and you can eventually get the whole picture! Just like a jigsaw. Takes time but it is possible.

This is like the NHS Spine a collection of everyone’s personal data and the proposed Summary Care Record that boasts that it is secure despite having over a million holes called humans. The US Department of Defence thought it was safe but a bored teenager got in despite all the layers of protection.

You can get into the NHS Spine easily as a how to do so guide was published a few years back in one of the GP rags (you do need a bit of lateral thinking here). You only have to guess a password and bingo you are in. (For any Stasi boys or girls reading, this is already well known locally to the local Stasi as they told us the next bit). What is worse that the mechanism involves the use of two third party servers located overseas in another nation. This use of third party servers overseas was allowed then under the NHS IT system.

The Stasi responded by putting in another annoying password screen using the same password we had guessed. Remember this is Northernshire which invented the computer, put a man on the moon, cracked DNA and has calculated Pi to the last decimal place and delivers “World Class Commissioning” in the top of the league table and where every Politburo commissar manager has at least one degree from Harvard or Yale.

Dream on it isn’t quite that good some of them might even share an O level but we digress.

Today our practice manager asked us to sign for a “secure” memory stick. We are allowed to “import” or transfer data from computers outside the NHS but are not allowed to “export” data to our own without one of these memory sticks.

This new security has already been a huge success as an educational meeting last week was scuppered by this policy. No one told the consultant who wanted to transfer his research data held on a NHS Super Secure Computer to a laptop that he could not do so using his own memory stick.

Result a large chunk of our practice who had arranged to attend an educational meeting was disabled by a delta grade IT manager who introduced this policy but didn’t tell anyone and was trying to do what they could never do. Think, and improve security.

If you are concerned about your data then please have a glance at this website.

This is being introduced by stealth and at present there is only one possible way of opting out so we would urge you to read. Most of our staff and families have already done so as they know how secure the system is.

Our political masters have been concerned that their finances have suddenly become available to the Public. If, for example, you had an abortion as a teenager that you did not want your intended husband to know about this would you want this known outside of your doctor’s consulting room? Especially if you had not told your mother and she was best mates with your intended husband’s mum? Using the NHS record anyone working in the NHS with a Smartcard could access that.

You may have had a temporary addiction to drugs or alcohol that you overcame and has not been a problem for years. You apply for an important well paid job and rather than ask your GP who knows you if there is any current problem your employer might access your medical file and bang goes the job.

How could they do that? Easy a few quid to a disgruntled receptionist at any local surgery, or any other of the million “Smart” cardholders, if there is a national summary care record. Cheaper than asking a GP who knows the patient for a medical report.

A key corner stone of medical practice is confidentiality. The move towards a NHS Summary Care Record is fraught with hazard and especially inequality. Should any elected politicians be able to hide the fact that they are a paranoid, homicidal schizophrenic with intent on world destruction? Of course they should but you CANNOT.

NHS IT is a joke that all of the world can see. However it is a very frightening and expensive joke if it is not stopped.

The sharing of information is vital for good healthcare especially in the protection of the vulnerable for example children.

Computers do not enable this as they do not talk to human beings. The sharing of information is vital and the easiest way to do so is to talk to people. This is why the Party have taken away our district nurses and more importantly our health visitors
convinced that using a crap computer system called System One will mean there will never be another Baby P. Right.

A simple conversation or an observation passed on by a one grunt in the field to another will protect more people than endless billions of computers. They only talk to each other depending on those who program them. In the NHS IT service, it is the thick who do this and they can barely read or write let alone indulge in any meaningful communication as we never see them.

We only receive their edicts of which the “secure” memory stick is one. No consultation, no consideration of the downside just another top down edict from the dummkopfs.

The biggest risk to patient data is the human being. Memory sticks, CD-ROMs and laptops cannot walk on their own so if they go missing there is only one person to blame and it is not technology. Using technology will never solve this weak link. This is why so much time is spent teaching grunts the impotence of confidentiality.

The idiots in NHS IT care not for confidentiality they just want data. Your data for knowledge is power. If it were a level playing field that might seem reasonable. Until our politicians are prepared to share their medical records on line as freely as they have shared their expense details the NHS Summary Care Record will be a gross example of the haves and have nots.

Secure memory sticks are a joke as they will not prevent data loss and we will not have them. After all what is on them? We respect confidentiality and if we take data home it is protected to the best of our ability and returned as soon as it has been used. Only secure human beings will protect data. The solution to this is not technology it is training and trust. The NHS does neither of these well in IT.

Praise be to the Party for telling us why confidentiality is king. Another expenses leak anyone? Hard cases make bad law. If we jot a memo on a NHS computer we cannot take it home on a memory stick but we can send to everyone on the worldwide web. Security? We love amateurs.

No comments: