Trent W. Buck <trentbuck@gmail.com> wrote:
Thirty attacks per week times 52 weeks in a year times 200 health authorities in England is a lot of privacy compromise!
It is, but this scenario wouldn't apply in the case of an electronic health record system. In the scenario, someone claiming to be a doctor calls a health authority and asks for records. With a health database, anyone who is a doctor would have access already, and would need to supply credentials (e.g., login/password) to retrieve records. Next, ensure that health care workers are trained not to give login details to others and not to retrieve records for people who contact them requesting information. Obviously, that's only one attack vector and there are other social techniques of compromising security; the point is merely to make it difficult enough to carry out that the number of incidents is kept down, while still supporting legitimate access. Storing the data on a card, or at least using the card as an authentication mechanism, are entirely reasonable measures, too, for the reasons you give.