Tim Churches wrote:
1) NSW Police is not HeSA and to equate the two as you do in your
message subject line is not sensible. They aren't even in the same tier
of government.
Tim,
I guess Horst's point is that if a public authority in such a
security-sensitive an area as counter-terrorism can stuff-up like this,
then how can one trust other, arguably much less sensitive, areas.
Levels of government are irrelevant, in my view. Especially when, as he
has been campaigning about for ages, HeSA has no really good reason for
generating GPs certificates in the first place.
For example, when you install Promedicus, it automatically creates the
keys it uses for encryption by prompting you to enter a random string of
characters. It then transmits the public key to their server, which is
all they need to be able to transmit encrypted investigations results
securely to the practice. This process takes literally a minute and a
very brief confirmatory phone call to the number displayed at the end of
the set-up process.
Surely a similar functionality could have been built into the HIC Online
API to achieve the same result for both signing and encryption purposes?
It would also have had the benefit of vastly reducing the time for GPs
to apply for and receive the 'tokens' from HeSA.
I'm also mindful that the now much-streamlined-but-still-cumbersome
procedures for using HeSA keys and HIC Online were largely due to the
efforts of the likes of Horst and Oliver Frank when HIC/HeSA came up
with their first iteration of nonsense. No one would touch all of this
when it involved 130 page contracts that only meant anything to security
specialists, reams of application paperwork and security hurdles, some
of which are still there.
I still have to sit with GPs and walk them through the web forms for
applying for their HeSA keys and HIC, sorry Medicare, Online. Many GPs
have never used a web form before, apart from Internet banking perhaps,
and certainly the requirements of the online registration are not
obvious to the first time user.
Greg
--
Greg Twyford
Information Management & Technology Program Officer
Canterbury Division of General Practice
E-mail: [EMAIL PROTECTED]
Ph.: 02 9787 9033
Fax: 02 9787 9200
PRIVATE & CONFIDENTIAL
***********************************************************************
The information contained in this e-mail and their attached files,
including replies and forwarded copies, are confidential and intended
solely for the addressee(s) and may be legally privileged or prohibited
from disclosure and unauthorised use. If you are not the intended
recipient, any form of reproduction, dissemination, copying, disclosure,
modification, distribution and/or publication or any action taken or
omitted to be taken in reliance upon this message or its attachments is
prohibited.
All liability for viruses is excluded to the fullest extent permitted by
law.
***********************************************************************
_______________________________________________
Gpcg_talk mailing list
[email protected]
http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
