Sorry. Biometrics aren't the answer.
All biometrics I have heard about have serious flaws. They appear to
be a low integrity but convenient authentication mechanism. The best
use of a biometric at present would be:
* biometric used to unlock secure token (rather than a pin or password)
* biometric never stored anywhere except on the secure token
Roger Clarke has written extensively on biometrics if anyone wants to
read more....
http://www.anu.edu.au/people/Roger.Clarke/DV/AusCERT0405.html
Something about: "one of the worst examples of this pervading
unprofessionalism: the enthusiasm for and deployment of biometric
technologies that don't work in applications that they're unsuited
for. The ongoing manic state of national security agencies has
enabled marketers to sell snake-oil with more fervour and less
restraint than ever before. Government buyers have suspended their
disbelief in ways that are fine in the theatre, but are seriously
dangerous to security.
The use of 'biometrics' as a mantra has deflected attention and
investment away from security measures that could be effective, in
favour of placebos. Biometrics do not, and cannot, deliver security.
We are suffering from biometric insecurity.
Really much the same story with the mega health VPN concept that will
not die......
Ian.
At 9:05 pm +1100 7/2/06, Rob Hosking wrote:
Oliver Frank wrote:
I can see the dialogue now between the Medicare Australia auditors
in the specialist's office, just like in the TV crime shows: "Yeah,
this referral must have come from Andrew Patterson alright - it's
got his fingerprints all over it."
Oliver and List
But seriously, biometrics would solve a lot of the concerns people
have about losing their token, not having it with them, and also
issues about generation of the key within the token. The hurdles one
has to leap over to get an individual certificate now, and not to
mention the renewing every 2 years, would make biometrics appealing
to both doctors and gov't, I would have thought. The cost of issuing
doctors with fingerprint readers would not be much different to the
current issuing of tokens (perhaps a bit more but the lack of need
of renewal could offset the increase). Although, based on the
current attitude of gov't to medical IT we would have to buy our
own. Also could be useful in surgeries to get away from the
forgotten or unused password (or sticky note on the computer with
password written on it).
Also, I think we need to question the whole business structure (red
tape restrictions) of gov't on clinical management. Why do we need
the referral to have a signature on it that is proved to be me? Why
can't we just notify Medicare we are referring a patient, or the
specialist notify Medicare (or even on the pt claim form) that a
referral has been made. Is it not up to the specialist to validate
that they trust the letter I have sent them? Otherwise the
information in it may be misleading and they should not rely on it.
Why does the gov't need to be able to see the clinical note? Surely
there are other business practices that are better than this archaic
one in which we are working. Don't get me wrong, I still think the
GP should be the gatekeeper to secondary care, but I think the
system could be reworked on a big picture level.
I would also like to see specialists being able to act as true
consultants. It would help solve much of the workforce problems now
if GPs could get paid for some time spent communicating with a
consultant specialist and the specialist also getting paid for such
communication. This communication could be in electronic format.
This could allow time for reflection and further questioning (by
secure e-mail or telephone or fax) and could even allow reviewing of
digital images (such as for dermatology). Some indemnity issues
would need to be worked through, but I think the efficiency gains to
specialists and the community would be enormous and would also
empower GPs to manage patients more themselves. Think how many less
patients you would actually need to send to a dermatologist (usually
a few months wait and rash is different or patient very annoyed) if
they received a quality image on which they could comment. They
might still need to see the patient but you could start a management
plan prior. Convenience to the patient is enormous.
Likewise with prescriptions. I agree with some other person's
posting that we should be able to send an electronic prescription
(signed by biometrics) to some holding bank/site and if not claimed
by some (any) pharmacist acting for a patient, then it is discarded.
Currently there are many prescriptions never filled by patients and
quite a few of these are by agreement with the doctor ("If you don't
improve within x days then get this prescription filled.") and it is
also the right of a patient to decide not to take a particular
treatment. Hence, there should not be a compulsion by some nervous
pharmacist with an e-script to call the patient and ask them to
collect the medication.
Another annoyance is the need to provide prescriptions for patients
in residential care under nursing supervision. Why can we not just
have residents who are on long term medications reviewed by us (the
doctor) every 2 or 3 or 4 or whatever months? Perhaps we just need
to sign the drug chart to say we have reviewed it? Meanwhile, the
pharmacist keeps dispensing based on the drug chart. We get paid for
reviewing patient and medication chart (but please, no more EPC type
paperwork!) and the pharmacist gets paid for supervising the
medication dispensing. No prescription required! No spending hours
on unproductive and unpaid tasks. Obviously legislation would need
to be changed, but this is not beyond the realms of imagination or
common sense.
We need some big picture changes. They don't need to be as alarming
as physios and chiropractors referring and by passing the GP but we
should be able to change some fundamental blocks to productivity. "I
have a dream".
Rob Hosking
Bacchus Marsh, Vic
Andrew Patterson wrote:
NIST in the US have just released the standard for
biometric government smartcards for the US federal
government - how about referrals by fingerprint??
I can see the dialogue now between the Medicare Australia auditors
in the specialist's office, just like in the TV crime shows: "Yeah,
this referral must have come from Andrew Patterson alright - it's
got his fingerprints all over it."
_______________________________________________
Gpcg_talk mailing list
[email protected]
http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
--
Dr Ian R Cheong, BMedSc, FRACGP, GradDipCompSc, MBA(Exec)
Health Informatics Consultant, Brisbane, Australia
Elected Member, GPCG Management Committee
Internet: [EMAIL PROTECTED]
(for urgent matters, please send a copy to my practice email as well:
[EMAIL PROTECTED])
PRIVACY NOTE
I am happy for others to forward on email sent by me to public email lists.
Please ask my permission first if you wish to forward private email
to other parties.
_______________________________________________
Gpcg_talk mailing list
[email protected]
http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
