You will perhaps have gathered that I actively loathe airports and air travel - the whole sordid process treats you as if you're some bullock on the way to slaughter. Still it does have its compensations of sorts when ... eventually and after all the hassle ... you arrive at your destination. So I'm now enjoying a spot of R&R in glorious sunshine sipping my rum punch and catching up on news from home via the Web.
So, what a surprise! As I suggested in my post yesterday, yet more data security breaches have come to light, this time courtesy of the Department of Health. It is almost as if these revelations are running through each and every government department in turn - first HMRC/DWP, then Transport and now Health. So who will be next?
A few thoughts come to mind, all essentially reflected in the BBC's reporting of this. First, as Norman Lamb says (and I've been saying consistently ever since I started this blog): "The whole culture of data management in the public sector has to change." The comment from Joyce Robins of Patient Care indicates just how serious the current situation actually is: "I think it's the tip of the iceberg, actually, because there's such carelessness within the NHS and it's always impossible to hold anyone to account and find out who's actually done anything." Bear in mind that this position prevails across the whole of government, not just in the NHS. It therefore follows that, to give effect to this essential cultural change, major primary legislation will be required to recast the whole sorry mess for the benefit of both the individual citizen and the public good. Andrew Lansley's comments are equally pertinent: "You have to wonder why on earth it took the Revenue and Customs to lose their discs and for government to institute an inquiry across government for these losses of data to come to light. It does feel like there's a sense in government, all parts of government, that we're required to provide data and we are constantly told that it will be protected, but in reality that level of protection simply isn't there." You can't argue with this - although the Government will no doubt try.
Next, it is to state the obvious but now there really does have to be a moratorium on the development of ContactPoint, the NHS NPfIT and ID cards - if not outright scrapping of all three - until such time as all the flaws in the Government's data security systems have been ironed out. To repeat, this has to start with primary legislation. The various "reviews" initiated by the Great Bottler simply do not cut it. And whatever recommendations they come up with for improving matters will, in fact, be worthless. There is nothing to be gained in overlaying new, more rigorous procedures on a regime that is manifestly broken at its core.
Finally, there is the issue of the timing of the announcement ... just as we're all winding down from the daily grind and getting into proper festive mood. Burying bad news? More than likely! Because what's the betting that the Government knew enough detail about these breaches to have been able to reveal them to Parliament before it rose of 18th December?
As I've said before, this is going to get worse for the Government before it gets better. There will be more data security breach revelations in the coming weeks. And, bluntly, the issue is just not going to go away until they hold up their hands, admit the error of their ways and legislate to resolve it. Even then there's no certainty that whatever our technologically illiterate politicos come up with on that front will in fact make our data any safer.
Tiddly-pom ... back to the rum punch(es)!!!
No comments:
Post a Comment