Feeds

Stinky databases for tech support tales?

Plus prior art on bullet passwords

  • alert
  • submit to reddit

Business security measures using SSL

Letters There are a few sure-fire ways to anger the average Register reader.

You could, for example, book him on a three day Microsoft certified basic Office 2003 training course. You could tell him he is being outsourced to Bangalore, or ask him for help accessing the millions of pounds of your Granfather's money left in his bank account when he sadly passed away.

But if you really want to wind him up? Stick him on a database as part of a government IT project.

I had to take my father into the local hospital for an outpatient appointment, a couple of weeks ago.

His records are still on paper, with the older stuff on microfilm somewhere.

Mine are likely the same, though when I broke my leg the x-rays were on the doctor's computer.

And there were problems finding my father's records. They tend to stick at the previously-visited outpatient clinic.

An NHS database would, if it worked, solve all these problems. Solving these problems at a local level, using a uniform data format, might be a much easier problem, and it would incidentally make it much easier to transfer records when needed.

The efforts to solve the problems of patient records look to be more about centralisation than about solving the problem.

Antonia


Bugger the ID database, this NHS IT database is a lot further forward and the disclosures that could be made from it much more personal and embarressing than anything that an ID database could every hope to achieve.

I wonder if this breaches the Data Protection Act as I don't remember ever signing anything that said that anyone but those medical people actually involved directly with my medical health had a right to access this data...

And given that the thing is a complete shambles what are the chances of the security being anything other than an even greater shambles?

Wait, what am I saying... my bet is that there is _no_ security (other than _maybe_ IP address.

maybe I should start an insurance company... plenty of money to be made in health insurance I'm sure... especially when you can turn down clients claims because they didn't tell you their entire medical history and you just happen to have acquired a copy!

The government as representative of the people? Possibly and if it is it's the worst indictment I've seen of the state of society today.


Having worked on the NPfIT I know a few people who still work on the project. Recently, the teams working on the 'SPINE' (the central messaging system) got orders to remove a particular patient, their NHS number and all the relevent data from the system. From what I've heard its been no easy task with data hiding on just about every component a message travels through.

For example, if a message can't be delivered its retried a few times and then put in a undeliverable queue. Great, but nothing actually processes the undeliverable queue. This is what happens when developers design, build and run the infrastructure.

Anon


I spent 2 years working on a secure psychiatric unit for the NHS, reading the patients notes and seeing who had access to them. Given the haphazard way they were stored, a central database is an appalling idea. every man and his dog will be able to read them, and it will certainly lead to checks on peoples medical history (almost certainly without their knowledge) before they can apply for anything (loans, mortgages, jobs, etc).

Considering some of the people i looked after, their horrific histories (things done both to and by them), and how much progress some had made, a history like that would prevent them from doing pretty much anything.

If you have been committed, whether simply for evaluation or for an actual illness, you are already branded for life. This central database is only going to make things much, much worse.

one patient in particular, had episodes of severe mania and psychosis, usually lasting only a couple of weeks at a time, with a frequency of no more than once every 6 to 8 months. during these episodes they were a serious danger to themselves and their children, and i witnessed them nearly taking a finger off when attempting to make a cup of tea with a breadknife!

However, when well, there was absolutely nothing wrong with this person, and they held down a full-time management post, and took care of 2 children, as well as playing an active role within a large extended family.

in cases such as this, would this person be able to retain their employment if it became known the periodoc absences were not due to family issues or holidays, but in fact stays in a secure psych unit? i very much doubt it.

This database could easily ruin everything this person has acheived. and for what?

here is the email i sent (c)hewitt earlier....

Good morning,

I am emailing you as you are secretary of state for health. I have been reading recently about the proposed, and it would appear, under development, NHS database. There are several points I would like to raise about this database, and I would appreciate a frank and honest dialogue.

As far as I can tell, this database is, in fact, illegal, and a contravention of my human rights, as I have not been asked permission for my details to be added, I have not been consulted about this database, and I have not even been personally notified. In fact, I found out about this database from several news stories on the internet. My medical records are legally confidential between myself and my doctor, unless I give specific written permission for someone else to access them. I have not given the government permission, and again, I have not been asked or even notified that my records were to be added to a national register. Quite frankly I am disgusted at this blatant disregard for my rights, my privacy, and for your own laws.

I want written assurance that my details will not be included within the database, without my explicit written consent, which you do not, and will not have.

I look forward to your prompt reply.

Name withheld.

As do we.


From rights-stomping databases, to the future of policing

Quote: "Nice Systems call this "policing with a more human face"." I'm sure Himmler used the same terms once or twice... Davide


An interesting article about our future Robocops. Surely this information should be freely available under everybodies favourite act, the Freedom of Information Act? I think the public have a right to know who is lobbying their police force and what the precise nature of that lobbying entails. After all, in my best News of The World voice, "they spend our taxes".

If there's nothing wrong with this video what have they got to hide?

Kind regards, -ed


March has certain strengths versus NICE (and Verint) but they mainly have to do with reliability, searchability and compression algorithms.

March doesn't do voice, so the sort of 911 (or whatever the UK equivalent is) automated recognition of the word "gun" isn't part of their solution, whereas voice/audio is in fact about 2/3 of both NICE and Verint's revenue base, and they are quite good at integrating voice and video. Many applications don't care about audio - transport systems, ATMs, retail for instance.

Anon


Website security in corporate America

More from The Register

next story
WRISTJOB LOVE BONANZA: justWatch sex app promises blind date hookups
Mankind shuffles into the future, five fingers at a time
Apple's Mr Havisham: Tim Cook says dead Steve Jobs' office has remained untouched
'I literally think about him every day' says biz baron's old friend
Oi, London thief. We KNOW what you're doing - our PRECRIME system warned us
Aye, shipmate, it be just like that Minority Report
Every billionaire needs a PANZER TANK, right? STOP THERE, Paul Allen
Angry Microsoftie hauls auctioneers to court over stalled Pzkw. IV 'deal'
Oz carrier Tiger Air takes terror alerts to new heights
Don't doodle, it might cost you your flight
Cops apologise for leaving EXPLOSIVES in suitcase at airport
'Canine training exercise' SNAFU sees woman take home booming baggage
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.