[Dave Birch] There has been a change in the law in the U.K. so that ID fraud is now a crime.  Hurrah!  Now the the act of ID fraud will be classed as a criminal offence even if a victim does not report a crime.  So, if you log on to a computer system using someone else’s smart card and PIN (for example) then it’s a crime.

Technorati Tags: , ,

Of course, you wouldn’t expect people to log on to computers using someone else’s tamper-resistant smart card and their PIN.  Oh wait… according to today’s Metro, the South Warwickshire NHS Trust has decided to allow its staff to log on to the new NHS patient record system (which is going to store the medical records of everyone in the UK) by sharing their supervisor’s smart card and PIN.  Basically, instead of the members of staff using their expensive, personalised digital identities with attendant access rights, they just stick the supervisor’s card in the machine, put the supervisor’s PIN in, and then leave the card in the machine until the end of the shift.  The head of IT there says it’s OK but, as the British Medical Association (the doctor’s trade union) is complaining, this doesn’t just subvert the security of the overall system it also destroys the audit trail of who accessed what information.  Given that the front page of the paper is about record negligence settlements by the NHS, I bet lawyers are reading up about smart cards with enthusiasm.

By the way, check this page out.

This is a lesson that cannot be reinforced strongly enough. There’s no point in designing a digital identity system that works in Powerpoint but has no connection with the real world.

My opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public.
[posted with ecto]

1 comment

  1. I NEED HELP I AM A VICTIM OF IDENTITI THEFT AND I DON’T KNOW HOW OR WERE I CAN WRITE OR ASK FOR HELP SO IF SOME ONE PLEASE CAN HELP ME . PLEASE LET ME KNOW
    THANK YOU VERY MUCH

Leave a Reply


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
%d bloggers like this: