Hi Folks, I have just been reading Ross Anderson's excellent web pages on cryptography and security issues at http://www.cl.cam.ac.uk/users/rja14/ It includes his review of the review of computerisation of the UK NHS and the conflicts that arose between the medical and civil service administrators."Information technology in medical practice: safety and privacy lessons from the United Kingdom" Ross has also reviewed cryptographic protocols and may be of interest in the light of the "hash " discussions currently underway One particular statement he made some years ago will sound rather familiar to this group: "Building ethical systems is thus a matter of will rather than technology. This brings us to the last of the main lessons learned in the UK - an inappropriate systems culture, such as that of a civil service department, can fatally undermine the will to build systems properly. Safe clinical systems require a design team that can operate openly with a high level of user collaboration and consultation, just as in avionics or the nuclear industry. Above all, one must avoid organisational mistakes that allow clinical systems development to be hijacked by administrators; many of the NHS's problems arose from the fact that its computer department was controlled by the Department of Health in London whose principal goal was cost control. Administrative concerns thus naturally came to dominate the thinking of its management. The problem now facing healthcare information technologists in the UK is how to climb out of the hole we find ourselves in. We need an environment in which doctors, nurses and other healthcare professionals can tell system engineers what they need, and the engineers can get on with the job of building it. But given all the interests vested in the old system, this is turning out to be easier said than done. " Best Wishes Chris Fraser The Littlefish Health Project e-mail: [EMAIL PROTECTED] Website: www.littlefish.au.com Mail List: www.egroups.com/list/lftalk/
