On Monday May 4th, the Dutch medical privacy campaigner Guido van’t Noordende will visit us in Cambridge. OK, it’s a bank holiday, but that’s the only day he’ll be in town. His talk will be on The Dutch electronic patient record system and beyond – towards physician-controlled decentralized medical record exchange. Four years ago, Guido … Continue reading Medical privacy seminar on May 4th
Today sees the publication of a report I helped to write for the Nuffield Bioethics Council on what happens to medical ethics in a world of cloud-based medical records and pervasive genomics. As the information we gave to our doctors in private to help them treat us is now collected and treated as an industrial … Continue reading Can we have medical privacy, cloud computing and genomics all at the same time?
Your medical records are now officially on sale. American drug companies now learn that MedRed BT Health Cloud will provide public access to 50 million de-identified patient records from UK. David Cameron announced in 2011 that every NHS patient would be a research patient, with their records opened up to private healthcare firms. He promised … Continue reading Your medical records – now on sale
Regular readers of this blog will have noticed growing issues with medical privacy. On April 24th, a new medical confidentiality campaign will kick off in London. New legislation that comes into force next month will permit the upload of identifiable patient data directly from family doctors’ records to central systems, from which it will be … Continue reading New medical confidentiality campaign
The Government has just published their response to the Health Committee’s report on The Electronic Patient Record. This response is shocking but not surprising. For example, on pages 6-7 the Department reject the committee’s recommendation that sealed-envelope data should be kept out of the secondary uses service (SUS). Sealed-envelope data is the stuff you don’t … Continue reading Government ignores Personal Medical Security
When you are a medical doctor, friends and family invariably ask you about their aches and pains. When you are a computer specialist, they ask you to fix their computer. About ten years ago, most of the questions I was getting from friends and family as a security techie had to do with frustration over … Continue reading Towards greater ecological validity in security usability
Yesterday’s publication of the minutes of the government’s Scientific Advisory Group for Emergencies (SAGE) raises some interesting questions. An initial summary in yesterday’s Guardian has a timeline suggesting that it was the distinguished medics on SAGE rather than the Prime Minister who went from complacency in January and February to panic in March, and who … Continue reading Is science being set up to take the blame?
Just as in other types of victimization, victims of cybercrime can experience serious consequences, emotional or not. First of all, a repeat victim of a cyber-attack might face serious financial or emotional hardship. These victims are also more likely to require medical attention as a consequence of online fraud victimization. This means repeat victims have a … Continue reading Three Paper Thursday: Exploring the Impact of Online Crime Victimization
On May 29th there will be a lively debate in Cambridge between people from NGOs and GCHQ, academia and Deepmind, the press and the Cabinet Office. Should governments be able to break the encryption on our phones? Are we entitled to any privacy for our health and social care records? And what can be done … Continue reading Happy Birthday FIPR!
Making security sustainable is a piece I wrote for Communications of the ACM and has just appeared in the Privacy and security column of their March issue. Now that software is appearing in durable goods, such as cars and medical devices, that can kill us, software engineering will have to come of age. The notion … Continue reading Making security sustainable