'Biggest data grab' in NHS history - links to opt out.

Ice Tea

Ice Tea

Ice Tea

Soldato
Joined
1 Nov 2004
Posts
4,956
https://www.theregister.com/2021/05/13/nhs_data_grab

The NHS is preparing for the "biggest data grab" in the history of the service, giving patients little information or warning about the planned transfer of medical records from GP surgeries in England to a central store for research purposes – and with no prospect of the data being deleted.
Click to expand...

Links in the URL to opt out if anyone is interested...
 
https://uknewstoday.co.uk/2021/05/1...gal-threats-and-police-call-complains-it-pro/

IT pro Rob Dyke says an NHS-backed company not only threatened him with legal action after he flagged up an exposed GitHub repository containing credentials and insecure code, it even called the police on him.
Click to expand...

he told the business he had found a public repo containing the source code for an insecure online portal and its database containing usernames, hashed passwords, email addresses, and API keys.
Click to expand...

Great timing :)
 
Pretty sad when you look at the other Medical database breaches around the world how vulnerable unwell people have been traumatised with blackmail...
 
mrk said:
NHS Digital said names and addresses, written notes, images, letters, and documents would not be collected. Nor would coded data that is not needed due to its age and coded data that GPs are not permitted to share by law.

Key bit here, I have done one NHS online opt out but printing paper and signing then sending to the GP is a faff I CBA with when none of the collected data doesn't actually name be personally and collected and shared data is otherwise untagged from any specific person.
Click to expand...

And then further down the page it says...

medConfidential has produced a guide to opting out of the new data grab. It has also published a list of the types of data that will be extracted from GP records by the programme. These data points include sensitive details relating to divorce, criminal records, prison and probation, complaints about care, relationship abuse, and child abuse, and info on sensitive diseases, such as AIDS. The campaign group's full guide for patients is available here.
Click to expand...

And at the top of the opt out form at NHS digital it specifically says identifiable information.

If you do not want your personally identifiable patient data to be shared outside of your GP practice
Click to expand...

A few examples of data breaches:

Patients Blackmailed 2 Years After a Breach

https://www.databreachtoday.com/patients-blackmailed-2-years-after-breach-a-15274

Therapy patients blackmailed for cash after clinic data breach

https://www.bbc.co.uk/news/technology-54692120

Massive Health Record Breaches Evidenced by the Office for Civil Rights Data

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6556182/

This study presents evidence of health data breaches taking place at an unprecedented level. Medical records of at least 173 million of people, gathered since Oct 2009, have been breached and might have adversely influenced over half of the population in the USA.
Click to expand...

https://digitalguardian.com/blog/top-10-biggest-healthcare-data-breaches-all-time
1. Anthem Blue Cross: 78.8 Million Affected (January 2015)
Click to expand...

So a great track record for medical data breaches...
 
Last edited:
BMA warns NHS Digital's own confidentiality guardian could halt English GP data grab unless communication with public improves Data law's transparency requirement currently not being met, according to powerful doctors' union

https://www.theregister.com/2021/06/25/bma_says_nhs_digitals_own/

Backbench Tory campaigner promises judicial review of data grab of English GP patients unless UK government changes tack Trove too tempting for computer criminals while public unaware of their rights

https://www.theregister.com/2021/06/25/david_davis_gpdpr

Davis lambasted plans to store pseudonymised patient data because it is impossible to fully anonymise medical records, a fact well understood by experts in the field.

"The government has failed to explain exactly how it will use the data, failed to say who will use the data, and failed to say how it will safeguard this treasure trove of information," he said.

Meanwhile, holding a central store of medical histories would inevitably attract nefarious actors wanting to illegally break into the system. Davis pointed out that a 2017 ransomware attack brought parts of the NHS to its knees causing trusts to turn away patients and cancel 20,000 operations.
Click to expand...
 
SexyGreyFox said:
!!!
I already get the records for the Police concerning certain patients.
Click to expand...

In a blog published last week, Dr Byrne said the bill imposes a duty on clinical groups in the NHS to disclose information to police without breaching any obligation of patient confidentiality.
Click to expand...

I guess that they mean the Police would be able to use the medical records as unfettered evidence for leverage in a prosecution?
 
NHS Digital's demise bad for 55 million patients' privacy

https://www.theregister.com/2022/03/04/nhs_digital_privacy_bmj_article

Ten months after attempts first began to extract the medical information of 55 million citizens in England, NHS Digital's former chairman is warning the merger of the agency with NHS England threatens the privacy of people's personal data.
Click to expand...

The view was that if a patient had chosen to use the NHS they had implicitly agreed that their data could be used for the benefit of the NHS
Click to expand...
 
https://www.theregister.com/2022/03/23/uk_government_gp_data/

Concerns are being raised over UK government proposals to extend emergency powers introduced during the pandemic, giving it access to patient data held by general practitioners (GPs).

The government has decided to put in place a plan "omitting the expiry date contained within" emergency COVID powers and "to make a consequential amendment to the review provision", with the aim of "establishing and operating information systems to collect and analyse data in connection with COVID-19."
Click to expand...

How convenient. :)
 
www.theregister.com

NHS hospitals lose millions in AI startup investment

Two trusts saw nearly $18 million go up in smoke when Sensyne Health was delisted from AIM
www.theregister.com www.theregister.com

Two NHS hospitals in the UK have lost nearly £15 million ($18 million) between them due to the collapse in value of an AI startup.

Last month, The Register reported that seven NHS hospital trusts appeared to have lost millions following deals with Sensyne Health – a fledgling AI business trying to discover and develop new medicines – which saw company shares exchanged for patient data.
Click to expand...

Talk about fail before you even start.

:D
 
You must log in or register to reply here.
Back
Top Bottom