A little research request for UK GPs...

Following the recent NHS regional authority data leaks, and taking advantage of the lull in workload associated with the festive season, I've been thinking about whether care record centralisation or decentralisation is the better idea.

Currently, I'm in favour of centralisation; this is mostly down to human factors. If a centralised infrastructure needs fewer but more capable sysadmins than the regional authorities currently have, such sysadmins can be found, and measures can be be put in place (codes of connection, etc) such that any data which is legitimately accessed by a regional authority cannot be cached outside the central infrastructure, then centralisation is pragmatically the best bet.

However, I'm open to other opinions and lines of argument.

I've also had a careful re-read of some standards I tend to refer to, from a healthcare-oriented perspective, and doing so raises a number of questions; I was originally planning to blog about what changes might be needed in an end-to-end, centralised electronic patient and care record system in order to maintain compliance with these standards, until I realised that I don't have current and detailed knowledge of what various health authorities are actually using, today.

So, I have a request. If you are a UK-based GP, or know one who wouldn't mind answering a few questions for a security geek, please let me know (either by email - usual Sun format - or in this posting's comments):

  • for a typical PC in a GP's surgery, who owns it?
  • for ditto, who maintains it, from the perspective of patching, AV, etc?
  • what OS and apps does it run?
  • what is the nature of the data connection between the GP's surgery and the local trust - who owns it, and who provides it?
  • what authentication does a GP have to provide, to access online records or services?
  • does said typical PC have internet connectivity, and if so, is this direct or via some relay / proxy in the local authority?
  • what does the computer do, when you put a CD or USB stick in it?
I thought I'd make the request here, since different regional healthcare trusts may have different approaches, and I suspect my own GP might well take a dim view of me trying to make an appointment with him for something not related to my health ;-) .

If you would like to email me about this (being my preferred means of communication on the subject), please use your NHSnet or doctors.net.uk email address; I'll drop you a quick line back with my thoughts, and this will also serve to verify that the email comes from a valid address...

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

davew

Search

Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today