[Dave Birch] The American Medical Association (AMA) says that human RFID tags could pose serious privacy risks. No kidding. But note that their report has few concerns regarding the medical implications of RFID tags. The tags are implanted using a needle in less than a minute. The Assocation does have some concerns regarding possible interference with medical imaging and other medical electronics, but the report does not cite any instances of these actually occurring. So there are no medical issues, but there are privacy issues. Such as? Well, the report says that (sensibly) patients should have to give informed consent to implantation, something that is obviously sensible. It also says that doctors

cannot assure patients that the personal information contained on RFID tags will be appropriately protected

I’d assumed that all that is in the tag is some kind of ID number and that all of the identity management takes place at the back end. Not that this neutralises privacy worries, but let’s get the big picture sorted out. It shouldn’t make any difference to the overall “privacy state” of the system whether I have the number on a bracelet, a tattoo or an implant, should it?

Technorati Tags: , ,

The situation with respect to patients is, in this instance, the same as the situation with respects to handbags or brake pads. All that the chip discloses is a number. What that number means can only be established by reference to some other database via some other servers (eg, the savants of the retail RFID environment). It is there that the security policies need to be established and enforced. Who is allowed to know what about the patient, for example. I wouldn’t have thought that the patients name was of much interest to, say, a heart monitor, so why tell it? If anything, this might be mechanism for providing patients with more privacy, not less.

Just because they could pose a privacy risk doesn’t mean that we shouldn’t use them. After all, computers pose a privacy risk. As do mobile phones. As, in fact, do doctors. In fact, so does pretty much everything, which is why it’s hardly surprising that anyone looking at the topic comes to essentially the same conclusion: ie, that there is a balance between the benefits of RFID technology and the potential for misuse of the data generated. In which case, what should we do? Broadly speaking, it seems to me that it’s too soon to make any sweeping statements of strategy or policy

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]

Leave a Reply


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
%d bloggers like this: