> > I know that there are colleagues who are scared stiff about the mere thought not
>to be able to alter their records whenever they deem it neccessary. Most of them
>don't need to be afraid. But that is why GNUMed leaves them the choice - you only
>need to delete your transaction log file and opt out from the transaction hash
>exchange, and from that moment on you can (provided you have enough technical
>knowledge) alter your records without leaving a trace. Bad luck though , if you end
>up in court after doing so.
>
> I don't think this is a good idea, since if you were very competent at hacking, you
>could completely re-create a perfectly legitimate system, including fake transaction
>logs etc. Then the complainant has no chance in court. The only way around it is
>probably that the checksums are sent somewhere secure at the end of each day.
In case you missed that posting: my proposal included a daily (or weekly or so)
automated exchange of hash list updates between either a large number of independend
practices or with a 3rd party non-profit trustee. That means, I generate my hashes,
compress this list, and off it goes by internet to the exchange ring, stored there in
a CVS like database, same way I will receive every fday the list updates from other
practices in my database. Now, if my and some other clinics burn down over night,
there will be still dozens of others able to give evidence for my records. As you
would provide this service mutually, ther would virtually be no extra costs involved
(other than setting up the system and providing storage space / online time). I
believe, this distributed approach is even more secure than a bank safe.
Horst
