I read with worry that the NHS is offshoring medical records to India. The NHS is already the leakiest organisation in the UK haemorrhaging data as though the NHS computer system has a severed artery so what are they doing? Offshoring data processing to India, following the likes of mobile phone and credit card companies will only end in disaster, after all look what has happened, data has not been lost, it has been sold!
It infuriates me, offshoring data management has been proven to be insecure, impossible to regulate and a false economy. It is not cheap, it doesn’t save money in the long run, it costs money because of compensation, the cost of changing personal records and financial details and monitoring accounts for fraudulent transactions.
So a false economy and the stupidity of not learning from others mistakes make us all potential victims of data loss. What makes me even more frustrated is that Principle 8 of the DPA states:
“Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data”.
Judging by their track record so far I would suggest that the Indian sub-continent has so far been found to be willing when providing adequate levers of protection for the rights and freedoms of data subjects, all that they have done is sell personal details to criminal gangs and now our medical details are about to go the same way.
Monday, 5 April 2010
Subscribe to:
Post Comments (Atom)
When it comes to the technology you need to run your practice, it’s hard to make sense of all the options.For most health care organizations, simply having proper policies and procedures in place is not enough for IT security.
ReplyDeleteHIPAA Security Risk Analysis