He pointed out that NHS consultants may have to keep track of dozens of passwords which change regularly – and those who may be able to help with lost passwords tend to keep office hours only.
“Little black books and post-it notes are the only option if you are not to resort to the ultimate sin of shared passwords – when your professional indemnity insurance (and thus your future employability let alone your reputation) depends on what is done in your name.”
This raises an interesting question which has never been satisfactorily answered: How can the need for health information to remain confidential be reconciled with big NPfIT databases of medical records and the password-sharing, post-it-note culture of the NHS?
Medical consultants can argue that their priority is treating patients and sometimes saving their lives. Should they spend less time on patients and more on the management of their passwords?
In short, big NPfIT databases of health information may be a good idea made impractical by the security culture of the NHS. This basic weakness should have been properly thought through – and wasn’t – before the NPfIT was announced.
It’s unlikely that the password-sharing culture will stop because of the National Programme for IT. What will change is that hundreds of thousands of NHS staff will be able to access much larger databases than before. If the NPfIT ever works.
To this Whitehall officials would say that NPfIT databases are much more secure than paper records and there’s always an audit trail. But audit trails don’t work when passcodes are shared.
Philip Virgo’s blog – Computer Weekly
Password-sharing hinders probe into serious blunder – IT Projects blog
Endemic sharing of passwords – Computer Weekly July 2006