Thursday, January 13, 2005

Spy in the GPs surgery

Alice Miles at the Times thinks that the electronic patient record has far more worrying implications for personal privacy than that dreaded national ID card.

"The what? Quite. The NHS’s electronic patient record is already up and running. It contains basic demographic data — name, address, date of birth — for every person in the country. This year the system will “go live”, area by area, with more and more of a patient’s personal medical record added to it. It will be far more intrusive than an ID card. And hundreds of thousands of NHS employees will have access to it. Wave bye bye to patient confidentiality.

No system with that many users can be secure.

You may not even know it is happening. Local advertising campaigns will alert patients that the system is starting up in their area. If you fail to notice the adverts, your GP is under no obligation to inform you that he is about to post your most private details online."

Ross Anderson has been alerting us to the security issues with this for years.

No comments: