Healthcare Efficiency Through Technology (HETT) Expo 2015
Olympia, 30th September 2015
As Unshakeable Salt continues to supply services to NHS England, yours truly made the trip down to London to attend the Healthcare Efficiency Through Technology Expo in Olympia. The HETT agenda promoted numerous presentations on security and it could have been the opportunity to challenge rhetoric, but there are still many stalwarts holding onto rhetoric.
The first bit presentation of the day was at 9:30, which following a 200+ mile journey was always going to be a challenge. Whereas getting into the venue was easy enough, getting into particular presentations was somewhat arduous. Even getting into a queue for a stage 40 minutes before didn’t guarantee you entrance, let alone a seat. There were a multitude of signs about how you get your place reserved for a particular slot – but these list must have been aspirational, as come the scheduled slot, doors were opened and scrums determined who got in.
There was particular focus from the NHS on how the IoT and wearable’s will be able to help assist in the prediction and prevention of illness. Loads of possibilities, but clearly thoughts and concepts within their infancy.
Nobody would question that better care is a good thing, but the HETT presentation at the made it clear that this power came through knowledge, but the need to Innovate was prioritised over the need for controls. Innovation partners who are able to assist in the gathering of this Big Data from multitudes of resources were all excited on how this data set will provide better patient care, although you could see the £££ signs in their eyes as they would be free the insight to anyone for the right price.
After a decent chat with Dawn Monaghan from the ICO, it came clear that the rhetoric within the public healthspace arena is still prevalent. Information Governance rules Healthcare, InfoSec is trumped by IG Policy, even if that Policy is 15 years old and there have been multiple changes to the legal restrictions since.
European Court of Justice, 6th October 2015
One such change in legislation is the provision of ‘Safe Harbor’ providers across the globe to provide equal data protection as provided European citizens. On the 6th October, the Court of Justice declared that the Commission’s US Safe Harbour Decision was invalid.
It may take a while for Silicon Valley to determine the full impact of such a ruling, but there is an immediate impact for people in Europe who utilise large American cloud providers for their services.
A number of years ago I had the task of investigating an ‘accidental’ transfer of personal information to the US, breaching a supply contract and demonstrating a lack of care when protecting information. As the investigation progressed it became apparent that the Safe Harbor registration system was somewhat biased and provided little protection – or in this case, any guarantee of being a reputable provider.
CyberFud – Are we doomed ?
CyberFUD. The stories and anecdotes from the Information Security World that spread...