From: Andrew Herd <[log in to unmask]>
>Absolutely. If the system is that insecure, then I am not going to take
it
>just on someone's say so. With respect to Ahmad, I've been caught out
this
>way before.
>
>If Ahmad is right and it is so easy to hack NHSnet addresses, then I
think
>we have a duty to demonstrate it and set off a debate about making the
thing
>more secure.
>
>Anyone going to take up the challenge?
No. Everything is hackable. This is not the point, and to engage in
hacking matters is a distraction from the main issue.
That is:
** the security of information is a function of management not that of
the network**
Furthermore, there should not be exchange of patient identifiable
information on **any** network without PETs (Privacy Enhancing
Technologies), for example, encryption and digital signatures.
Ahmad
--------------------------------------------
Dr Ahmad Risk
Editor Health Informatics Europe
http://hi-europe.co.uk
tel: +44 1273 724866
fax: +44 1273 774 614
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|