Full NHS hospital records uploaded to Google servers, "infinitely worse" story to come

Good to see some sanity in the comments. Now if the poster would notice, rewrite the headline to reflect the bombastic reporting, and then apologize to boing boing’s readers for such brain dead actions… Well that would be great.

1 Like

Dammit.

The old IBM cards can store 125 bytes each. 130gb divided by 125 bytes is 1,040,000,000. 143 cards to the inch. 7272727 inches.184.7 kilometers.

~0.0459% of the average distance to the moon.

2 Likes

Beyond that, I thought part of the point of saying it that way was to hammer home the point of, “This was going on for WEEKS and nobody stopped to think about what a bad idea it was?”

It’s one thing if somebody presses a button and does it accidentally in a few seconds. Horrible, yes, but you could at least maybe see how it’d happen. But what actually happened should have you banging your head against something hard until you need to update those very records that were compromised.

I’ve been poking around - might have got this wrong, but here goes:

HSCIC have released a statement saying that they released the data to PA Consulting, with a very strict agreement to limit the use of the data to certain named individuals.

HSCIC have released another statement saying that they are “investigating urgently the source of the data used by Earthware UK”

It looks like this Earthware company developed a mapping tool using this data - there’s a screenshot at - https://twitter.com/cknott20/status/440548069373779968/photo/1

Earthware’s blog has (had) a post from October 2013, stating “As well as our Hospital Episodes Map which Healthcare companies and the NHS use to understand the flow of patients through the healthcare system, containing details of all admissions, outpatient appointments and A&E attendances at NHS hospitals in England. A useful tool to know what goes on where!”

So, quite possibly, this data was searchable and publicly available.

2 Likes

Britain? Is that still a thing?

:slight_smile:

2 Likes

Someone has just pointed out to me that every trans person who has used the NHS in England has now been outed against their will.

6 Likes

Indeed. If you write 1 byte in every square centimetre of Wales you have a capacity of 189 Terrabytes.

2 Likes

I assumed EBCDIC encoding (80 characters/card) and, for drama’s sake, put them end-to-end longwise. I guess stacking them like you did would be much more reasonable. But you should point out that’s London to Birmingham:

Hold on, is someone suggesting that a public/private partnership has gone wrong for the public?

9 Likes

Frisbees. Known as “lids” of data.

1 Like

CMS delivers data on small USB hard drives, with basic encryption at the drive level and on each contained dataset segment.

Oh and it’s not even CMS directly anymore. They use a data purveyor called Buccaneer, and you have to apply to CMS for any data use, and then wait and get approved by another party called ResDAC.

You keep using that word “infinitely”. I don’t think it means what you think it means.

2 Likes

Earthware now has a post on their website saying that it was a mockup map using dummy data. http://www.earthware.co.uk/

Wait, where does NHS Wales come into this? I can’t see that mentioned anywhere since it’s run independently of England as is NHS Scotland so they shouldn’t be a part of this utter clusterfuck. Hopefully anyway.

EDIT: So i notice that it comes from charles stross himself but where is he getting it from? It’s not in the guardian article either. Pretty sure this just concerns NHS england.

That’s interesting. I wonder why they were so quick to remove the map, and also all mentions and screenshots of it from their blog?

The US’ HIPAA law prohibits even unlawful access to a patient’s records (“unlawful” meaning even by a healthcare professional who doesn’t have to have access to that specific patient for a specific reason), let alone disclosure, which has been used to prosecute people who got into celebrities’ hospital records and such. Anyone want to bet that the people who were responsible for this will get off with a handslap?

Oh My God, that’s 109,226 5.25" floppy disks!!!

They probably had to deliver the data to Google by truck!

1 Like

Wouldn’t that be variable depending on the tide? Not to mention beach erosion, new landfill, etc.

easier to do that and put up the disclaimer than put up with (metaphorical/otherwise) firebombs from the kneejerk brigade…

1 Like

we get our stuff from CMS on cds.