Re: [silk] Fwd: From the TEST-ON-A-B2B Department

[Sean Doyle <sean@xxxxxxxxxx>]

Udhay Shankar N wrote:

> Can Sean Doyle comment on this?

Not intelligently about the specifics- there is certainly a tension between
having hospitals use common infrastructure (for cost savings and often higher
performance and quality) and opening themselves up to attacks that were honed
elsewhere.

At some hospitals paper records are much easier to get than the digital ones.
All you need is the proper security protocol (get a haircut, put on a white coat
that looks like it belongs to a hospital) and few people will stop you from
going into a 'staff only' area.  It is harder to get a specific person's records
because usually you have to sign for them and look someone in the eye when you
get them - but I could imagine certain people could pull this off :-). In my
opinion the paper record security is not that bad. Most hospitals I've visited
have signs in the elevators asking people not to discuss confidential patient
information in public; this type of practice can work very well.

I could make a case that computer security would be better - and in the abstract
I think it is. In practice there can be practical problems. If you put on a
white lab coat and walk around the terminals sometimes you can read the
passwords on Post-it notes. At larger hospitals that take security seriously
this is less of a problem since often there is a security officer that owns the
issue. How well it works is really up to the institution. Lots of clinicians
take security seriously & these issues aren't new to them.

I think it is a mistake to depend on computer security as the only mechanism for
protection (There is a nice report on this done for the National Academy of
Sciences - full report (http://www.nap.edu/readingroom/books/for/) and executive
summary (http://www.nap.edu/readingroom/books/for/summary.html). If you have
some type of strong authentication but you don't have a timeout on our
workstation then unauthorized people can get access; if you force people to type
in identifiers in emergency rooms when they all sorts of fluids on their hands
they will stop using the machine or find some way to hack around security.
Probably the latter. A secure system needs to have good software that is
correctly configured and understood by the people at the site.

Biometric gizmos aren't in widespread use yet - it isn't clear that these solve
anything either. Many hospitals have thousands of 166MHz machines running Win95
and they aren't going to update soon. The problem isn't that new computers are
expensive - it is that someone needs to walk around and do the upgrades & that
there is often home-grown software written in old versions of VB that won't (for
example) run on Win98. So - asking them to put in some fancy keyboard or smart
card reader that runs on (say) Win98 or Win2K  isn't an option.

Sorry I don't have a general answer. If the whole system is well-designed and
the model that users have of security matches the way that it works then the
system can be fairly secure. If the system is well-designed and the users don't
understand it then I'd expect it to work as well as the Maginot Line did.

Sean