On Wednesday 06 December 2006 22:22, Elizabeth Dodd wrote: > On Wednesday 06 December 2006 22:08, Ian Haywood wrote: > > On Wednesday 06 December 2006 20:57, Elizabeth Dodd wrote: > > > this bit of text got me > > > it must be digitally signed by someone independent - so that excludes > > > an employee > > > so who does it? > > > how does one ensure privacy? > > > > I interpreted it as requiring a third-party notarisation service. > > As the notary needs to encounter the dead-version to notarise, presumably > > you would have to mail it to them, > > > > Ian > > but it has to be done to their PKI standards, and they don't issue X.509 > keys to anyone other than doctors, so how would it be done? Docs (except us hospital scum) get *free* certificates. Anyone can have one for a fee (~$1-200 IIRC)
> and how do you make sure that the third party does not read the letters but > is able to notarise them? They would have to read them. Which means the patient would have to specifically consent to the notarisation of the letter. I didn't say I made sense Liz. Seems you are right: HIC are determined to shut off any non-HeSA loophole. Individual certificates are seriously bad. They are totally unworkable in a public hospital scenario and probably not workable in GP-land, plus the OS lockin with the dongles, plus the totally insane contract that goes with them. Keep printing until the policy is changed seems the only real option here. Ian
pgpWscoEKqwN6.pgp
Description: PGP signature
_______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
