In message <[log in to unmask]>, Mary Hawking
<[log in to unmask]> writes
>Could anyone tell me - I thought the whole point of encryption was to be
>able to send confidential material safely over unsafe networks. If you
>have secure encryption, does it matter whether or not you are connected
>to the WWW ? Am I missing something?
>Mary
No Mary you are 'spot on'. By using an appropriate form of encryption
the sender can make the message unreadable to anyone (including himself
/ herself) EXCEPT for the intended recipient. It can then be sent
through networks that have very little in the way of security /
confidentiality at virtually no risk. From an ethical point of view
there is a strong case for clinicians (health care professionals as a
whole) NOT delegating responsibility for protecting patients' privacy to
a third party. By 'wrapping' our messages in encryption and digital
signatures we can take that full responsibility with a high degree of
confidence.
Also, you are right to highlight the dangers of over-engineered and
unworkable solutions. Our prime objective should surely be to enhance
the care of our patients rather than protect (?rather doctor oriented)
confidentiality. But of course privacy / confidentiality / security ARE
important. The trick is to find a way of getting maximum protection for
minimum 'baggage'. Some ideas are beginning to come together as to how
this can be done in an incremental and highly pragmatic manner.
--
John Williams, Senior User GP / Provider Links Project
Email: [log in to unmask]
Fax: 01483 440928
Mobile: 0374754302
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|