Written by Technorati Tags: health, identity, puppy
Of course, you wouldn’t expect people to log on to computers using someone else’s tamper-resistant smart card and their PIN. Oh wait… according to today’s Metro, the South Warwickshire NHS Trust has decided to allow its staff to log on to the new NHS patient record system (which is going to store the medical records of everyone in the UK) by sharing their supervisor’s smart card and PIN. Basically, instead of the members of staff using their expensive, personalised digital identities with attendant access rights, they just stick the supervisor’s card in the machine, put the supervisor’s PIN in, and then leave the card in the machine until the end of the shift. The head of IT there says it’s OK but, as the British Medical Association (the doctor’s trade union) is complaining, this doesn’t just subvert the security of the overall system it also destroys the audit trail of who accessed what information. Given that the front page of the paper is about record negligence settlements by the NHS, I bet lawyers are reading up about smart cards with enthusiasm.
By the way, check this page out.
This is a lesson that cannot be reinforced strongly enough. There’s no point in designing a digital identity system that works in Powerpoint but has no connection with the real world.
My opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public.
[posted with ecto]
I NEED HELP I AM A VICTIM OF IDENTITI THEFT AND I DON’T KNOW HOW OR WERE I CAN WRITE OR ASK FOR HELP SO IF SOME ONE PLEASE CAN HELP ME . PLEASE LET ME KNOW
THANK YOU VERY MUCH