In article <[log in to unmask]>, Colin J Browne
<[log in to unmask]> writes
>> We already had the ludicrous requirements of the NHS Net code of
>> connection which forbids those who sign it making any other connections.
>> If customers sign and observe, the route we have been following of reducing
>> support charges year on year is likely to go into reverse.
>
>Ewan
>
>I wonder if you could expand on this issue. If you sign up as a non
>NHS organisation on NHSnet this implies that you will not have any
>other connection. Is that a problem or is it the cost of audit of
>your system? Where do the extra costs come from? I too am not a
>Meditel user but clearly supplier views will be universal on this
>issue?
>
>Colin J Browne The Black Country Family Practice
> Queens Rd, Tipton, West Midlands, England

There are two issues here:

The ability of non NHS organisations to get access via NHSNet and the
restrictions the code of connection places on NHS organisations
including GPs who wish to connect.

I'm not too bothered about the former, as there is little I want to do
via NHSNet that can't be done via the secure gateways that are to be
provided.

I am concerned about the restrictions placed on GPs signing the code
of connection and the possible costs to suppliers of compliance.

As it stands the code of connection bars those who signed from
connecting to other external networks. This bars access to suppliers,
the internet and much else. NHS Net have responded by saying they will
provide access to these services via secure gateways on the NHS Net.

This is all very fine but seems to me an abuse of a monopoly power. It
leaves NHS Net determining which services it is legitimate for GPs to have
access to and puts them in the position of being able to introduce a
costly bureaucracy of system accreditation, which GPs will have to pay
for.

If all of this protected the security of confidential patient data it
might just be acceptable, but it doesn't.

As is well known to list readers the security policy of NHS Net is built
on a threat model which assumes that the danger comes from unauthorised
external access and that all those legitimately inside will not abuse
their access. This leads to a security architecture which is analogous
to a building with a well guarded fence around it but with few or no
locks on internal doors.

A threat model that recognised that the threat was primarily from abuse
by insiders, would lead to a security architecture that might as well
assume that the network was insecure (like the internet) and removes the
need for over the top border controls. This puts locks on internal doors,
desks and filing cabinets.

Ewan Davis
[log in to unmask] - Bromsgrove, UK
Managing Director AAH Meditel Ltd - Supplier of EMR Systems.
[log in to unmask] Voice +44 (0)1527 579414 Fax +44 (0)1527 837287