So this was an important ($$$$) company who thought that backups were something you left end-users to do? I presume they are bust or selling vegetables now.
147 publicly visible posts • joined 19 Jun 2013
They get kept for as long as is necessary. The method of having a "trusted" person in your organisation have sight of the relevant documents and for them then to record "conditions met" is attractive. Attractive, that is, until the relevant law enforcement bodies rock up on your doorstep and start asking difficult questions.
Data Protection breach?
I would have thought that anyone of the trainees who felt that they had been disadvantaged by this shambles might have a case to bring under the Data Protection legislation. Mind you given how NHS management (especially clinicians in management roles) treat those who point out errors, perhaps trainees eventually with a job will judge it better to keep schtum.
Where have these people been for the last 50+ years? (I can only speak for my experience; I suspect the problem goes back much further.) I worked (as a Naval officer) in a part of the MoD Procurement outfit in 1973-ish. The headline message of this article was crystal clear even then. I suspect that part of this is inherent in the nature of the activity. On the other hand, think of those activities which have been created or driven as a result of military needs (and funding). Also bear in mind how quickly some things can move when and "Urgent Operational Requirement" arises.
Pretty tough comments but what about the companies?
Most of the comments so far are pretty tough on the perpetrators and I get that. I too am not comfortable with a mental condition leaving someone free to re-offend. However, I think the elephant in the room is the lack of condemnation of the various companies for the incompetence shown by their IT teams. If they had not made it possible for these two to roam through their systems, then there would have been no (serious) crime committed. Pretty unimpressive.
"The technical community is not part of civil society and it has never been,"
Of course technicians should have an input to the governance and discussions but do we really want anyone who will say that they are not part of "civil society" to have any conclusive hold over something as important as the Internet?
I'm surprised that so little of the comments are about battery replacement. I have two redundant phones, one of which would still be in use if it was possible to simply replace the battery. Android OS still new enough to not be a security concern, works OK on 4G. The phone I had about 12 years ago had an easily replaceable battery and would still be in use if the technology had not moved on. Hence I support the EU drive to force all similar small electronic devices to have easily replaceable batteries. (Ditto common USB connections.)
Re: Dry Run
Rather similar to what happened round here. The Parish had been told to collect pledges of funding (~£1k for each household) to co-fund fibre rollout. Then one day I saw a guy climbing the poles at the foot of the garden and was told that we would all be FTTP in a few weeks. No explanation, no further information, just BT planning at its best. Still it works just fine so I'm grateful for that.
Re: "This store of confidential data is a national treasure"
Not quite. These records belong to the Secretary of State for Health (or whatever they are called today). The patient's rights are essentially to be able to see them, to seek to have errors corrected and ultimately if there is no agreement about an "error", to have a note setting out the patient view added.