Yet another government IT project is in the rough. What's going on, asks Mark Mayne.
The Government has come in for another IT security-related batteringrecently, following the announcement that patients will now be allowedto opt out of the forthcoming NHS database due to privacy concerns.
Patients have won the right to veto their GP from entering their medicalrecords on to the national database, forcing GPs to ask every patient togive their explicit consent. Patients will be given several weeks toreview, call for corrections or amendments to be made to their recordbefore they consent to the upload, or not. However, critics claim thatthis entire process will be conducted once the data is held on a localserver, thus initiating a catch-22 risk of unspecified electronic accessand interference.
Opponents of the scheme are concerned that the digitised medical datawould be open to hackers, viruses and unauthorised access, while detailson mental illness, pregnancy, HIV status, abortions, drug-taking oralcoholism could be mined by police and insurance firms.
So how does the UK Government manage to get IT security so badly wrong?Obviously the sheer size of the National Programme for IT has somethingto do with this - it has become a £12 billion project to connectmore than 30,000 GPs to nearly 300 hospitals, and is said to be thebiggest non-military computer procurement in the world.
Also, the public fears digital attacks as yet unknown and does not trustthe authorities, possibly due to a lack of transparency and seeminglyendless media reports of technical faux pas.
Ultimately, whatever system the UK uses to store millions of people'smedical information will be vulnerable to attack. However, irrespectiveof the technology deployed and its security, if the general publicwithhold their details from the system, it will become not only thebiggest non-military computer procurement in the world, but the biggestnon-military failure.