Interesting reader comment on the blog entry NPfIT security warning after NHS staff view celebrity record
“This is yet another example of how technologies introduced for the greater good, allowing information sharing and more effective working, are also an Achilles Heel if not properly secured.
Historically, there has been too much emphasis on encryption and authentication of data at the expense of monitoring what authenticated users are actually doing with the data when they’re given access to it. As Pirelli’s mantra goes…‘Power is nothing without control’.
The key to protecting information from internal audiences with inquisitive minds is in securing and monitoring access to the database with the use of more intelligent behavioural analysis technologies. If NHS Trusts don’t follow the lead of the more forward-thinking government departments soon, similar unfortunate news stories will be peppering the front page of Computer Weekly for years to come.”