« National press reports on NPfIT go-lives in London | Main | London trust may claim after NPfIT problems »

BBC R4 Today - why did PA have prison database download?

I said on the BBC Radio 4 "Today" programme this morning (approx 8.30am) that the loss of a memory stick by PA Consulting raises questions about why a private contractor had access to government data on 84,000 criminals. Does this mean private companies will also have access, on the quiet, to patient-identiable information under the NHS's National Programme for IT? I also said that there is so little independent scrutiny of the government machine, and so much secrecy, that the only time systemic failures come to light is when there is a, well, systemic failure.  

Links:

Errors in thousands of records in prison system - EDS study

Prisoner database riddled with errors - Computer Weekly

Government scales down prison IT project after costs spiral - Computer Weekly

Massive failure over data loss - BBC news

Clip from Today programme - BBC Radio 4

 

Tags:

Posted by Tony on August 22, 2008 12:40 PM |

TrackBack

TrackBack URL for this entry:
http://www.computerweekly.com/cgi-bin/mt/mt-tb.cgi/33727

Comments (3)

Neil:

Tony,

Private companies already have access to patient-identifiable data under what is known as Secondary Use Services. On the quiet. Without patients' explicit consent. And without patients seemingly able to object....

With NPfIT, the amount of data accessible in this way will simply rocket.

Posted by Neil | August 22, 2008 1:53 PM

Posted on August 22, 2008 13:53

tony collins:

There's a lot of concern about the SUS and understandably so

Posted by tony collins | August 22, 2008 2:08 PM

Posted on August 22, 2008 14:08

Gary Williams:

Sorry but is this really news? It's not the first time and nor will it be the last time that sensitive data gets out.

The actual news story should be about what little regard for security procedures many companies have.

Data is easy to copy onto memory sticks, email out, burn to CD/DVD and so on. I know people who do this to circumvent access restrictions in order to meet a deadline or because the boss says so (again, in order to meet a deadline).

The IT industry has a whole needs to be made more aware of security. Government departments should be regually audited and tested. The culture of the 'quick fix' and the 'urgent deadline' needs to be killed and proper practices put in place. ITIL is start but there is a long way to go.

Until that happens this story will be lost in the myriad of other data loss stories.

Posted by Gary Williams | August 26, 2008 1:19 PM

Posted on August 26, 2008 13:19

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search


About

This page contains a single entry from the blog posted on August 22, 2008 12:40 PM.

The previous post in this blog was National press reports on NPfIT go-lives in London .

The next post in this blog is London trust may claim after NPfIT problems .

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type Enterprise 4.1-en