I think we should always expect errors, hope that efforts are made to minimise the risk of them occurring, and make contingencies for when they occur. No system will be perfectly secure, and it may be that we won't individually draw enough malice to warrant a full scale assault on our own system while Medicare may incur this. I don't believe our health IT utopia will ever exist but things will improve. The responsibility for use "our" PKI key much devolve back to the key generator if it shown to be their fault there is a breach in security. Jim
Cedric Meyerowitz wrote: >I agree that some people who think they are experts make big stuff ups - >including Governments worldwide. But people in glass houses should not >throw stones. Doctors are suppose to be in the top few percentiles of IQ. >Yet how many of them can't read or refuse to obey instructions. Every year >we read of some-one finding discarded old medical records on the rubbish >tip. Every week I see patients on medication they don't qualify for (RB or >Authority), yet a significant percentage of GP's and specialists refuse to >read or understand the yellow book or what their clinical package displays >on the screen. Some blantatly ignore the restrictions. I am not justifying >the PBS's criteria, so please no discussions about it. All I'm sayimg is >that if PBS made regulations we must follow it or prescribe privately - >there are many discussions about Dr. not bulk-billing, and if they feel so >strongly a patient needs Medication X that they will falsefy records or lie >to be able to prtescribe it, then prescribe it privatey. > >I can continue add infinitum of how silly / stupid we as Dr.'s are, because >we believe we are above the law. > >Cedric > >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] >On Behalf Of Horst Herb >Sent: Friday, 7 April 2006 7:51 AM >To: General Practice Computing Group Talk >Subject: Re: [GPCG_TALK] another goodreason not to trust HeSA with our >privatekeys > > >On Fri, 7 Apr 2006 07:47, Ian Haywood wrote: > > >>The fact is, even if HeSA, HealthLink, et al., were computing >>super-geniuses all running OpenBSD, someday, someone is going to crack >>their system. They've chosen a system were our security is dependent >>on theirs (however good), but they could have easily chosen one where >>it isn't. The problem is, they don't trust *us* ;-) >> >> > >The problem is that they don't understand that it is entirely irrelevant >whether they trust *us*. > >If we stuff up (our key gets compromised by our fault) = *we* are liable for > >the consequences > >If they stuff up (our key gets compromised by THEIR fault) = *we* are >(still!) >liable for the consequences because it will be close to impossible to prove >in court that it was their fault > >If in any case we will get the blame and suffer the consequences, what's so >difficult then to understand that *we* want full control? >_______________________________________________ >Gpcg_talk mailing list >[email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk > > >_______________________________________________ >Gpcg_talk mailing list >[email protected] >http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk > > _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
