On Wed, 18 Sep 1996, Timothy C. May wrote:
On a related note, I read an article yesterday about the proposed new Health Data Base, with all encounters with any medical institution or any health care provider of any sort being cross-linked and cross-referenced.
Scary. The benefits for the singular patient would be very marginal. Epidemiologic research would become easier, with lots of opportunities for the publish-or-perish academic medical crowd, but we already know that smoking etc is bad for us. The real agenda is of course to make life easier for the insurance business, our would-be employers and the State.
the master index was born....Only people with a 'security ticket'--such as doctors, insurers, scientific researchers or police with a proper warrant--are supposed to be able to see the clinical details....Kathy Ganz, director of the New Mexico Health Policy Commission, said, "Rights to privacy are genuine concerns, but they will need to be balanced against notions of common good."
The specialized software industry is currently flooding the medical community with applications for all sorts of patient-related info. It started with the small units (offices, with a single or a handful doctors etc), which are already doing a lot of their record-keeping on digital media, often with lousy security. Now the turn has come to the big hospitals, which need heavily customized implementations of the basic product they will choose. Athough most serious products have proper authentication routines (including smartcards; especially nurses seem to be totally unable to handle passwords above the my_cat's_name level), the overall availability of patient data will rise enormously with digital storage. The trend in the US is for large companies to take over more and more of the big hospitals (in Sweden almost all hospitals are owned by the 'public', with a trend towards bigger and bigger integrated 'regions') mandating larger and larger databases. So even without an outspoken decision the Grand National Health Database is worming itself upon us.
Pretty chilling, eh? As we all know, once such medical, dietary, and genetic data bases are established, the likelihood of privacy-invading use is near unity.
It certainly is. And cryptography can not do that much about it since it's primarily a problem of user integrity. Asgaard