Now there's a manifesto pledge I would vote for
Close down NHS Direct and replace it with a service not pwned by the dot com mafia.
The UK Department of Health (DoH) has released a redacted copy of its contract giving Amazon access to data on the NHS Direct website, following a Freedom of Information request from civil rights group Privacy International. The Master Content License Agreement provides Amazon with "a non-exclusive, worldwide, perpetual, …
If your data is traceable or not...
If you go and see your GP about some hemmarhoids [other illnesses are available] and suddenly you get adverts for creams etc then you will know that Amazon is talking porkies.
I would not trust Bezos and co as far as I could throw him into a bit of the Amazon river that is infested by very hungry Piranahs
""No patient data is being provided to this company by the NHS, which takes data privacy extremely seriously and has put appropriate safeguards in place to ensure information is used correctly."
This means "We already sold off your data to Amazon. Kindly put any complaints in triplicate to the ICO and we'll look at their submission in 5 years time."
No, it means "If you are stupid enough to buy a voluntary surveillance device and place it in your home, we are not responsible for any data the controllers of the surveliance device gather on you by profiling the searches you make of our content using the surveillance device."
They're providing web content to Amazon in the same way as Wikipedia etc, nothing more. Amazon certainly can profile you based on your searches of that, in the exact same way that Google can gather information and targeting advertising based on a profile of your searches. I absolutely agree that the potential for Orwellian abuse is quite horrendous, but if you're concerned about that the answer is to disengage from Amazon/Google etc, not blame content providers for making their content available on the platform you chose to use.
I would worry more about what information your GP is passing on if I was you. We received more than one request from research companies requesting help from my husband regarding his illness. One was open & honest enough to say that the GP had put my husband’s details forward. We don’t mind helping research but it would have been nice if we had been asked for permission to have my husband’s medical notes passed on.
This is exactly the sort of thing that I would be entirely unsurprised to hear is happening in the US, but it does surprise me coming from the UK. The UK tends to be much better about this sort of thing than the US -- but I guess not always.
It should be criminal for services that you can't realistically do without -- like health care -- to require that your data is shared with the likes of Amazon (or Google, or any other such company).
For Americans and other non-Brits I should add that newspapers say a Gregg's Sausage Roll (waste meat in pastry) costs £1.
The last time I bought one, only a few months ago, it was £0.80. Back then you could get a steak pastry for £1, maybe Brexit has increased that too.
My main point is nobody knows how many children Boris Johnson has, not even Boris Johnson. He is kind of like Trump but more intelligent and less moral.
To be equally fair, I have no idea either.
I couldn't tell you how much anything I buy costs, and I do my own shopping.
I buy what I need, or want, and pay for it, and unless it costs a lot, like more than £2, I pay little attention.
It's probably just a sign that he has sufficient disposable income that he doesn't have to count every penny.
... it does surprise me coming from the UK.
Long ago I would have thought/said the same thing.
But you know who resides at 10 Downing St. these days and what party has been in power for 30 of the last 40 years, resulting in the sad state the UK is in.
So no, not at all surprised.
I am surprised there has not been a huge backlash to this.
O.
Now, now. The Tories have only been in charge for 27 out of the last 40 years, not 30. Don't get your numbers wrong else the usual suspects will use the rounding error to dismiss your claim as utterly incorrect and point out that because Jeremy Corbyn has been in Parliament for the last 36 years it is in fact all his fault.
And for 7 of those 27 years, they were sharing power with other parties. (Both of whom got stitched up like kippers in the relationship.)
I don't blame Corbyn, I blame the numpties who voted for him as leader of the Labour Party. As a backbencher he was fine. As a leader, he's by far the greatest weapon in the Tory arsenal.
"Both of whom got stitched up like kippers"
What was the downside for the Conservatives? They had to have a referendum on proportional voting (which kept the status quo, so no impact really), and they introduced the plastic bag tax (which doesn't seem to have had much political fallout), but as far as I know that was the only concessions they made to the Lib Dems.
The LibDems on the other hand, ended up losing most of their voters (most of whom in my experience would have been happy with anything except forming a coalition with the Torys). They went from 57 seats in 2010, to 8 in 2015.
The Lib Dems came off much worse from that team-up.
As for you comments on Corbyn, I'd broadly agree, but don't forget that he has managed to inspire a (very) hardcore bunch of people who weren't Labour voters before. Almost certainly not enough to win an election, but significant none the less.
"The Lib Dems came off much worse from that team-up."
Not surprising as most of their voters seemed to treat it as a protest vote. It came as a big surprise to them that the leadership actually acted responsibly given that the alternative might have been a continuation of BankruptciesRUs Brown.
The other thing that came as a surprise to then was that in government, especially in a coalition, you can't get all your policies implemented because reality gets in the way,. The big casualty there being student loans because that was how Blair/Brown had funded the expansion of Universities.
My point exactly. The Lib Dems got thoroughly stitched up when Cameron lured them into supporting tuition fee rises. And now the DUP have been equally brutally shafted (not that they don't deserve it) by Johnson's Irish-Sea plan.
This is what happens if you make a deal with the Tories, which is why Johnson is adamant it can't happen again - he knows no-one is ever going to trust him.
Most of those 27 years have ben spent fixing the damage caused by the preceding Labour governments.
The only reason Blair and Brown stayed in power as long as they did was because they "borrowed" Tory policies and passed them off as their own. As soon as they went back to traditional Labour policies they messed it all up again and the Tories got back in.
The reason the Lib Dems lost their seats is not because they were "stitched up like kippers", it's because the voters realised that it didn't matter what they had promised before the election, they wold do whatever they wanted and ignore what the voters wanted - and had been promised.
Most of those 27 years have ben spent fixing the damage caused by the preceding Labour governments.
You won't often find me defending New Labour but most of their spending plans from 1997 involved fixing the leaking school and hospital roofs left as the legacy of 18 years of Tory government. That they swallowed the Tory line on deregulation and PFI to keep the City happy is something they should be excoriated for, but we'd be in a fuck of a worse situation if the Tories had carried on doing what they normally do, selling off public assets to fund their tax cuts for the wealthy. Go look at the data on which governments borrow the most and which governments pay off the national debt the most to see the true picture on long-term finance. Look at the rise in wealth inequality, foodbanks, precarious employment and household debt these last nine years to see how the Tories are happy to favour the few over the many every bloody time.
This isn't about sharing "your" data with Amazon, it's about sharing the NHS's data with Amazon.
The closest it comes to "patient records" will be something like "if the patient reports these three symptoms, ask about these possibly related symptoms - then based on answers, branch recommendations as follows".
"It should be criminal ..."
Well it's worth reading this then. Government and health service web sites all over Europe are riddled with third party slurper bots, and that's even on pages gathering sensitive (Article 9) personal data. This latest departure is quite minor by comparison.
You can ask your GP to see your health records, and I'd recommend it - though do ask to do so in a health centre. They printed mine off and posted it to my neighbour, who read it before returning it.
I was hospitalised by a cat attack once. About fifty bite punctures to my hand, and scratched to hell. It eventually swelled up and I was admitted through A&E. In my medical notes I later found out by reading my notes that the senior nurse assumed I was a heroin addict and I'd stabbed my hand with a needle fifty times in the one evening. That is just so wrong for so many reasons.
Dismayed by the quality of information in my file, and dismayed by their lack of security, I demanded the right to be custodian of my own medical records. Every politician I approached treated me like I was crazy.
I've mentioned here before I once had to scan in medical records I didn't think I should have had access to. We were an imaging / ICR firm trying for an NHS contract, and the NHS files provided to us to test/demonstrate were X-Rays, typed and handwritten records, et cetera, of numerous dead children. I doubt anyone thought to ask their relatives for permission.
The NHS is wonderful in so many ways but once you realise their utter lack of data security for patient privacy then it's difficult to approach them for treatment.
I said before it was the worst work experience I had. It didn't give me nightmares, but I was emotionally devastated for weeks after. I was feeling sorry for myself at the time until I realised I was vastly overpaid compared to the nurses and supporting NHS staff that actually dealt with those dead children, and do so each and every day.
My wife died because consultants and junior doctors couldn't be bothered to follow their own rules. This is isn't alleged, I forced them to apologised publicly and then sued them and won.
As an institution they don't believe their own rules apply to them at any time, I have this in writing. They have no interest in learning from mistakes (also in writing) and don't really give a shit when things go wrong unless you drag them kicking and screaming to tribunals and courtrooms (all complaint responses late, most points ignored in favour of their own).
Before I could begin my complaint I had to get hold of medical records which even in the circumstances I had to pay the photocopying fee for.
"Can you tell me where my country lies?"
said the unifaun to his true love's eyes.
"It lies with me!" cried the Queen of Maybe
- for her merchandise, he traded in his prize.
"Paper late!" cried a voice in the crowd.
"Old man dies!" The note he left was signed 'Old Father Thames'
- it seems he's drowned;
selling England by the pound.
When I read those disclaimers like:
the NHS, which takes data privacy extremely seriously and has put appropriate safeguards in place to ensure information is used correctly.
I hear something like
the NHS, which has no clue about data privacy at all, and would sell information about their grandmother if it paid enough, has put in place measures to ensure that data leaks widely, where we can't trace what's lost, and through leaks that we'll never fix (and don't know how to)
The data being sold by the NHS is its info on the NHS direct website, which is basically a symptom wizard and pages to look up what to do in an illness. Not patient records.
The issue with this then being on Alexa is what are Amazon going to do with the data for a person after using the Alexa Symton wizard.
they aren't. The DoH aren't sharing personal data so there are zero data protection implications for them.
That Google may choose to profile is a matter for Google and they (Google) would be the data controller as they are the ones collecting and processing personal data.
It’s supposedly anonymised, but still has to comply to the 7 Principles as below. What guarantee is being made to ensure the anonymisation remains intact.
The GDPR sets out seven key principles:
Lawfulness, fairness and transparency
Purpose limitation
Data minimisation
Accuracy
Storage limitation
Integrity and confidentiality (security)
Accountability
https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/
1. I live at postcode AB3 4CD
2. I go to my doctor, who diagnosis X and gives me a prescription for Y, an over the counter medication.
(Note, even if the patient record is anonymised, the TIME STAMP on the medical record is presumably available.)
3. I go home and order Y through Amazon.
4. The data mining application at Amazon immediately links the DOCTOR DIAGNOSIS (NHS Direct) and the Amazon order for Y (matching the TIME STAMP data).
5. Voila ... Amazon can now link the original (anonymised) medical record with a name and address. And of course, Amazon also knows about your other purchases, particularly the ones you sent to friends (birthdays, Christmas). So now Amazon is building a matrix of you and your friends (and the medical history of your friends -- see above for details).
BIG DATA at work.
But wait.....commercial organisations have access to credit card databases, car licence databases, Google search histories......the list is very long. Matching processes similar to my example would allow some unknown DATA CONSOLIDATOR to link up medical histories, names, addresses, credit scores, car ownership...... This linkage might take a while (a month or two)....and before you know it, some advertiser will know the colour of your underwear (and that of your friends too).
Welcome to the future........Amazon is already here!!!!!!
"4. The data mining application at Amazon immediately links the DOCTOR DIAGNOSIS (NHS Direct) and the Amazon order for Y (matching the TIME STAMP data)."
This is where your logic breaks down a little (though the end result of what's really happening is pretty similar). Amazon won't have access to the doctor diagnosis info, as that's not on NHS direct. All they're getting from NHS direct is a symptom/diagnosis database, basically the same info the website will give you if you browse there looking for advice. There's no patient data there at all, much less the really sensitive stuff like actual medical record data.
However, if you use alexa to search NHS direct for "Why does it hurt when I pee?" and then send them an order for an over-the-counter "clap-be-gone" ointment, you can bet that Amazon's algorithms will have joined the dots and made a note in their profile on you. NHS direct really isn't responsible for the data which has been gathered on you - you've leaked the data yourself by using Amazon as a middleman for everything. That's what's going on here.
Big Data by definition is the ability to de-anonymise data like this.
You take medicine A and B live in an post code area with a known pollution level. The Venn Diagram intersection of that consists of just you. Repeat for all the rest of the data and other factors. It gets even easier once you can start removing people from the data set since the birthday paradox can be used in reverse. A few trillion iterations through a large data set can keep a modern PC from sleeping for hours at a time.
Australia's new-ish "MyHealth" system goes a step further than the NHS in terms of data captured and data accessibility. Much assurances by govt on how it is all totally secure and eyes-only and never to be released for commercial use, and in fact only to your own doctor*. "TWUST US! Or not ; we've made it mandatory so we really don't care what you think."
A largeish company recently accidentally let the cat out of the bag by announcing they will be "innovating" by trawling the MyHealth data for commercial gain.
.
.
* Or any doctor in event of emergency. In fact this ability was the headline scream-slogan as the overwhelming "NEED!" for this system.
And since there's no way to really formally record "emergency status" environmentally, it's really just "any doctor". Or nurse, too, they'll need it. Oh, and the administrators, they need to make decisions about any treatment. Oh, and their managers and all senior management. GP's counter staff need it because they process the payments. And public servants with any responsibility related to health. So that's a gawpingly large number of Centrelink people included too. Plus most of the special units therein. Plus anyone who's ticked the govt box marked "NDIS Provider". Plus their sub-contractors. Plus .... etc etc. The arguments for the net thrown wider are ongoing and will always be. For example, RTOs (training organisatoins who've suckled onto the govt teat) have already made noises about needing access, as part of assessing concessional status.
To put it another way, your private medical history is now leakable by perhaps a quarter of the population of Australia.