
Jason White wrote:
> I'm really not concerned about the possibility that a government department or a health professional could gain access to my records without my consent.

From rja's Security Engineering, http://www.cl.cam.ac.uk/~rja14/book.html
http://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c02.pdf

    2.2.1 Pretexting

    Colleagues of mine did an experiment in England in 1996 to determine the threat posed by pretexting to medical privacy. We trained the staff at a health authority (a government-owned health insurer that purchased medical services for a district of maybe 250,000 people) to identify and report false-pretext calls. A typical private eye would pretend to be a doctor involved in the emergency care of a patient, and he could be detected because the phone number he gave wasn't that of the hospital at which he claimed to work. We detected about 30 false-pretext calls a week. Unfortunately, we were unable to persuade the UK government to make this training mandatory for health authority staff.

Thirty attacks per week times 52 weeks in a year times 200 health authorities in England is a lot of privacy compromise!

If the data is only with your local GP, the attacker has to attack that GP. If the data is centralized such that a quarter of a million people can access it, the attacker can attack the most credulous individual in that group.

There are also issues with improperly anonymized records appearing in research papers.

I just had an idea -- store the canonical copy of the data on your medicare card. Most people, most of the time, will have a wallet and a phone on them, and they're already used to the idea of managing secrecy of their wallets' contents. Your active caregiver has a cached copy that they pull from your medicare card with a card reader on their desk. If you go to ER without your wallet, they have to pull it from there -- same as they do now with paper records.

Remaining logistics issues are left as an exercise for the reader. (Like, upgrading everyone to a smartcard, since a magstripe doesn't have enough storage.)