Regarding matters discussed before on NHS data security (particularly the NHS privatisers’ plans to place our medical records on a computer database, euphemistically named the “Spine”) readers may be interested in the worrying computer-related points suggested by Ross Anderson, professor of security engineering at Cambridge University, as reasons for not wanting your medical records data to go on this Spine:
1. No “sealed envelopes” yet exist to limit access;
2. No on-line patient system yet exists to correct errors in the data;
3. Data uploaded may include genetic, psychological or sexual information;
4. It is intended to make your data available to social workers, researchers and commercial firms;
5. Your consent will not be asked before commencing processing;
6. Adequate criminal penalties against abuse do not yet exist;
7. Police and other agencies can gain access to a potentially unlimited range of information about you. There is abundant evidence that computer databases (including those of the Police, vehicle licensing and banks) are routinely penetrated by private investigators on behalf of clients which include media organisations;
8. 250,000 “smart” cards have been issued granting access to the Spine;
9. The Health Department threatens to withhold appropriate medical care from objectors;
10. Doctors say there is no necessity to design the Spine in this way.
You should check with your GP – you may well find that your data, like mine, has already been placed on the Spine by its jack-booted planners:
1. You can, by writing to your GP (and not the secretary of state who isn’t likely to see your letter), opt out of having your data uploaded to the Spine;
2. You can also opt out of having your address and contact details on the PDS (population demographics service – the NHS’s “address book”). If you don’t, then hundreds of thousands of NHS staff have access to your real name, address and telephone number;
3. Then you can also opt out of the NHS Secondary Uses Service (SUS), which stores records of all hospital treatments in the UK (including sensitive stuff like abortions and A&E treatments for drug overdoses). To do this you must invoke Section 10 of the Data Protection Act and state that the availability of your hospital records to large numbers of civil servants, etc, causes you distress.
I thank the very knowledgable members of the Greater London Linux Users’ Group (GLLUG) as well as to the beloved Guardian for advice and information.
Enough for now? I’ll come to the dear old Bexley PCT later …
spinkledis9
freeThamesmead 