East Londoners nicked under Computer Misuse Act after NHS vaccine passport app sprouted clump of fake entries British police have made a series of arrests over the past few months after people with apparent access to NHS databases allegedly sold fake vaccination status entries on the NHS vaccine passport app. This week the Metropolitan Police's Cyber Crime Unit declared it had arrested three men after an unidentified NHS trust " …
> GP patient data was enthusiastically moved out of Practices and into data centres run by the system suppliers a while ago.
Yes, EMIS even moved this GP patient data they held from their own data centre to AWS in 2019. Not sure whether SystemOne and INPS still host patient data themselves or if they also have moved to the cloud.
Separate from this, my ongoing two ICO complaints about GP Practices (and other health orgs) sharing patient data unlawfully for the past 10.5 years might start to come to a conclusion shortly as the ICO case officer sent me an email yesterday to tell me two things - firstly that he is now in a position to give me an outcome regarding my 9.5 month old case against the central ALB (Arms Length Body) that is "managing" the sharing of patient data, and secondly that he's just gone on Xmas leave and will not be back in the office until 4th Jan at which point he will start to write the case outcome to send to me in early Jan... I'm still hoping that ICO might actually take some significant action but I'm also prepared to more realistically instead see ICO give them a mild "don't do that again" slap on the wrists and take basically no real action.
Once ICO have sent some outcome for that in Jan then I expect they will shortly afterwards also deliver an outcome for the related 11 month old case against my GP Practice. Again I'm hoping for action but realistic that ICO are a waste of space.
Relevant to midgepad's earlier comment, one aspect of my two complaints (against GP Practice & ALB) is that when I asked my GP Practice when did they instruct INPS (Data Processor for GP's patients records system) to integrate with the ALB's central system the Practice said that they *never* instructed INPS (yet the integration has been in place/active for 8.5 years) - which appears to indicate that INPS either acted upon the ALB's instructions to integrate with the central system or else INPS decided to do so themselves - neither of which would be lawful as the GP Practice is the sole Data Controller for their patients' records and a Data Processor can only lawfully act upon the Data Controller's instructions.
Perhaps. However I'm not talking about NHS England - in my case it is HSC (NI), aka NHS Northern Ireland.
If the NI central orgs were *already* Joint Controllers for the GP Practice records then there would have been no need/no point to create a Data Sharing Agreement for the system in question to define all the various HSC(NI) orgs as Controllers-in-Common (as they were from the start of the sharing) or Joint Controllers (as they have allegedly been since some undefined "recent" date) in order to share personal data from the GP Practices. My Practice have indicated they are the sole Controller for their patient's records and they also have indicated they never instructed INPS to integrate the Practice's records system with the central system (their words were "it just happened") so that indicates INPS as Processor acting without instruction from the Controller.
"made NHS England a joint controller of the patient data - I have certainly seen reference to this before"
If that's the case in England then your GP Practice's Privacy Notice would be required to state this (as part of the GDPR "transparency" requirements). Perhaps that is where you saw it mentioned?
In Scotland https://www.bbc.co.uk/news/uk-scotland-58422607
"The passport was introduced as a way of allowing events to go ahead despite surging cases of Covid-19 and avoiding wider restrictions, while also encouraging the uptake of the vaccine in younger people."
And vaccination is going pretty well in Scotland, so that part worked. Showing that the vaccine stops the virus spreading is trickier. Mainly it stops the virus from killing the vaccinated person, which is good, but some vaccinated people think they're completely safe, and they're not. So they could engage in risky behaviour like going to big public events...
But to the extent that the vaccines do ward off the virus, the virus spread is slowed.
Unfortunately, the NHS (regardless of country) is already ramping things back up in terms of COVID wards, if the NHS staff I follow are anything to go by because they are concerned that omicron will return things to where they were in April last year.
Of course, whether it will remains to be seen, but I think the NHS would rather overreact and *not* be caught with their pants down, than just trundle along and have a repeat of April last year. It may be an illogical response in our eyes, but...
"Most of the people in ICUs now are unvaxxed"
More than "most". It's around 98%
Vaccination works. It may not always stop you CATCHING Covid, but it sure as hell bolsters your defences if you do catch it
I caught covid very early in the pandemic - before vaccines were avilable and before it was even realised as a pandemic. I had 3 MONTHS off work, have lost half my lung capacity, permanent hearing and eye damage and amd still dealing with other aftereffects nearly 2 years later
If you want to roll those dice, that's fine, but why should anyone pay your medical expenses when a vaccination is cheap insurance? And are you willing to pay the medical expenses of anyone you infect?
So can they do them on this?
"The Computer Misuse Act makes it a criminal offence to access a computer system without authorisation. "
If they are internal and as part of their job have access. You can't do them for unauthorised access. They can just get fired for abusing their position.
"If they are internal and as part of their job have access. You can't do them for unauthorised access. They can just get fired for abusing their position." - employees are authorised to access a system for the purpose of carrying out their job. Just noodling around or personal use is not authorised. People at DVLA get sacked for looking up vehicles they are thinking of buying or which e.g. belong to someone they are curious about.
If they are internal and as part of their job have access. You can't do them for unauthorised access. They can just get fired for abusing their position
Yes. “Without authorisation” includes accessing for purposes not related to their work/role - their authorisation is conditional, and subject to the Acceptable Use Policy and professional standards.
Same as Police snooping on their new neighbours or daughter’s new boyfriend.
It’s actually more serious because it involves an abuse of trust, as opposed to straight black hat breaking-and-entering.
7 Jan 2022 - a digital forensic specialist from Stafford, admitted misconduct in a public office last month after being sacked by Staffordshire police for gross misconduct. A police worker who illegally downloaded and took home thousands of images, including those showing murder victims and postmortems, has been jailed for three years. Darren Collins, a digital forensic specialist from Stafford, admitted misconduct in a public office last month after being sacked by Staffordshire police for gross misconduct.
His brief said " He accepts and understands, with the benefit of hindsight, he should not have and was not permitted to look at other images beyond the parameters he had been given for his actual role."
He worked for Staffs police for 18 years! In a digital forensic role! And he needed 'hindsight' to realise that?
This post has been deleted by its author
Since when has the Yellow Advertiser been a source of news? I can remember it being shoved through the door of my Essex home back in the '80s (and possibly the '70s) as one of the two freebie papers of that era. I will admit to viewing its pages of listings, then buying and selling knackered cars as a student. It also had a secondary use to mask off bodywork from overspray.
But to see it credited as a newsworthy source has really blown my mind. I need to take my medicine ->
I thought it went bust some time around '86? My first job as a paper boy lasted 3 weeks before they went TITSUP (total inability to supply unwanted papers). And I've outlasted a few more employers since then, which doesn't look so good when you write it down. Hmm.
(Apologies if you lived near a certain riverside place to be, the last 3 might have been me...)
Like the systems still running Windows 7 and thus vulnerable to log4j etc.
For that matter, MSG got hit over here by a script kiddie level hack, that got into their email server and made off with
essentially the entire patient email database.
That £1.5M should be given back with the requirement it be spent on IT improvements IMHO.
I think you'll find the NHS is now mostly up to date, unlike a lot of businesses I am aware of.
90-95% of the NHS estate is on a supported version of Windows 10 and the majority of the remainder are on older builds of w10.
Log4j has hit everyone, from FAAM down and unlike the Belgian MOD, the NHS (so far) hasn't been breached.
Getting vaccinated is a lot easier and less trouble than trying to fiddle the system. You also have the advantage of being relatively immune to the virus.
I know that there are people who insist on not getting vaccinated on principle. Since nearly all serious cases of Covid are now among unvaccinated you could say the problem is gradually fixing itself. Paying extra for a duff record might fool a few people but it won't fool the virus. (....and yes, I know the diehards insist that the virus -- even all viruses -- are a hoax but I haven't got time for that particular rabbit hole).
Since nearly all serious cases of Covid are now among unvaccinated
Identical case fatality rate in under 50s whether vaccinated or not (0.05%) - I count death as the ultimate "serious". Your statement has some validity in the elderly (who'd have thought old people are susceptible to respiratory infections?) but is provably false for others.
https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1018547/Technical_Briefing_23_21_09_16.pdf
I looked at your reference.
Let me direct your attention to Table 7 on p34. It lists vaccine effectiveness for 1. Infection, 2. Symptomatic disease, 3. Hospitalisation and 4. Mortality. Under those headings Pfizer-BioNTech and AstroZeneca respectively score 1. 75 to 85% and 60 to 70%, 2. 80 - 90% and 65 to 75%, 3. 95 to 99% and 90 to 99% and 4. 90 to 99% and 90 to 95%. Moderna has results listed for fewer categories: 2. 90 to 99% and 3. 95 to 99%. [1 to 4 are my numbers to represent rows in the table]
In what way do you argue this table, from the report you cited, supports your contention?
"Since nearly all serious cases of Covid are now among unvaccinated"
https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1041593/Vaccine-surveillance-report-week-50.pdf
I will refer you to look at page 35, table 8 COVID-19 cases by vaccination status between week 46 and week 49 2021 then
Table 9. COVID-19 cases presenting to emergency care (within 28 days of a positive specimen) resulting in an
overnight inpatient admission by vaccination status between week 46 and week 49 2021
Of the 8,235 admissions, 42% are unvaccinated and 55.88% are vaccinated (with 51.68% being double vaccinated).
I should have added "where I live" -- California
This is a large state with a couple of densely populated areas in an otherwise sparsely populated rural state. The politics of the rural area is very similar to the Heartland -- put simply, there are many Trump followers and so a lot of people who don't believe in vaccination and so on -- while the urban areas have a lot of high skills people who tend to "follow the science". This sharp delineation tracks both vaccination rates and the disease itself, the correlation between the two that was first noticed last year.
The response to Covid in the US was conditioned by the needs of the 2020 Presidential race. I have no idea why anyone would want to import this level of dysfunction into their countries.
Yeah - nah. When the CinC tweets that governors who impose lockdown orders are tyrants and it's his followers' civic duty to resist them, violently if necessary - it's kinda hard not to see that as interfering with the response.
As well as his other crimes, Trump also seems to be the world's worst line manager.
Take another look at the table.
Look at the bit that says [These data should be interpreted with caution. See information below in footnote about the correct interpretation of these figures]
So read the footnote. If you don't understand it then please don't try to read anything at all into the table because you're not understanding that either.
Now look at Table 1 on p12 because that tells you unequivocally what you actually need to know. It's essentially the same table that I pointed out in a reply to another post (you again?) trying to make something out of another report.
depends on when you got yours and where you're from what colour they are:
The US and the new UK ones are Blue, Irish ones are green, EU ones are red, there are a few Black ones, but most pick one of those...
https://www.passportindex.org/byColor.php
Technically the definition of Passport fits both purposes, so its purely a political distinction.
https://www.merriam-webster.com/dictionary/passport
This whole covid passport thing doesn't really worry me, as I have no interest in attending any venue where they might be required! I'll stay at home and only go out to the shops for food. I'm lucky - I work from home anyway.
But do we need this mega-technical bureaucracy of apps etc? Surely the simplest starting point is showing your vaccination card(s)? I have two - one with the details of my first two jabs on, and the other with my booster. Issued by NHS Cymru. If they're worried about faking it, shove some holograms on the cards. Given that it's only a matter of managing risk, and Covid can pass around even in a room of fully-vaxed people, surely it's hardly critical if the odd un-vaxed dick-head sneaks in with some fake paperwork. Sometimes the simplest solutions are the best!
Many places have been requiring negative LFT or proof of vaccination before permitting entry for several months.
Most are happy with the card. Been to one that asked for the NHS letter, but they didn't scan the barcode so rather pointless.
Very likely that most places will still be happy with the card.
"As that was happening, the NHS was also preparing to launch the "biggest data grab" in its history, moving GP patient data from their local surgeries to a central repository"
It wasn't the NHS that initiated the data grab, it was the government through the ono-NHS company the Health and Social Care Information Centre akak NHS Digital.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
