* Posts by T 7

9 posts • joined 7 Sep 2018

Algorithm used to predict sepsis in hundreds of US hospitals isn’t as good as maker claims — study

T 7

“A better approach for the software would be to use a model that analyses healthcare symptoms defined by health agencies, such as the US Centers for Disease Control and Prevention, rather than just relying on billing codes, it would seem.”

Amazing at it seems, as a consultant in the NHS I make diagnoses all the time without needing billing codes.

In fact I spent a long time answering exam questions about sepsis without once resorting to billing codes.

All this data is stored within our Cerner behemoth. If only we knew how to get it out clinicians might not need AI / startups and lots of money.

East London council blurts thousands of residents' email addresses in To field blunder

T 7

I work in the NHS. CC email to over 800 people including multiple external donains. DPO told me is was fine as everybody on the list had consented. I had not.

I reported it to IT. Using an internal email address. Unbeknownst to me that address belonged to a contractor. I was then accused of causing the data breach myself. By divulging my concerns to IT support.

I gave up at that point abd realised as above, that nobody gives a care

No Wiggle room: Two weeks after angry bike shop customers report mystery orders on their accounts, firm confirms payment cards delinked

T 7

I think it is rather optimistic of the hapless souls that have been charged to think that the goods will be delivered to the fraudsters. Wiggle use Hermes, which is why as a lycra-clad carbon bike riding not quite MA-MIL I left them and asked them to delete my data last year. Any fraudster relying on hermes to deliver their ill gotten wares might need to reconsider their plans.

A cautionary, Thames Watery tale on how not to look phishy: 'Click here to re-register!'

T 7

Phishy fishy FISH

I get regular emails to my nhs.uk account asking me to open the attached encrypted html file. They are genuine, from ESR, the electronic staff record people. The thing is, no matter how hard they scratch their heads, peeps cannot work out how wannacry got into the system and why people felt safe to click such emails.

If the good guys continue to engage in bad guy practice, the end user won't know which emails to trust and which not to. And I have reported at least 2 unsavoury emails to Trust IT departments that were truly bad.

That was some of the best flying I've seen to date, right up to the part where you got hacked

T 7

God forbid the pilot was female. "Basically, we're trying to give the pilot the information about what's happening internally on his aircraft in real time,"

Hacking these medical pumps is as easy as copying a booby-trapped file over the network

T 7

Re: Connectivity ?

Maybe so on a general ward, but a very different picture on intensive care. There is a lot of data collected into ICU electronic records and I have no problem with that being done electronically. But the system should be designed from the perspective of a bad actor, not left wide open for updates over the network.

Alarm / alert fatigue is a massive issue in hospitals. One case I am aware of involved 27 people clicking through an alert about a critical missing medication.

Central notification is not all bad. ICU nursing is 1 nurse: 1 patient. But sometimes they need to help each other out with rolling patients or dealing with a deteriorating patient or checking drugs. Having alarms centrally monitored as well gives a degree of redundancy that is entirely appropriate.

It is 2018 and the NHS is still counting the cost of WannaCry. Carry the 2, + aftermath... um... £92m

T 7

Ah yes. NHS IT. Every April I get sent a 'secure message' from an external email address that asks me to open the html attachment to read the message. The thing is, it's genuine. So our IT department says - sure go ahead. Then we wonder why people open html attachments and spread malware.

<facepalm />

I want to buy a coffee with an app – how hard can it be?

T 7

I really hope you never have to use NHS IT. I mean, it's not like lives depend on it.

HTTPS crypto-shame: TV Licensing website pulled offline

T 7

The same happened with my flat managing company (Warwick Estates since you weren't asking). They were using zendesk chat and had hardcoded "http://" meaning all chat was unencrypted. They had no idea what I was talking about and it was only when I went to zendesk and got them to confirm it, they actually changed it.

Similarly, NHS jobs, until 2 weeks ago, was doing passwords and logins in the clear.

Last year I found the same with credit card details for bookatable. Again, hardcoded 'http://' on a 'back' button.

I am not even an IT professional. This kind of stuff is everywhere.

Naturalky no one has ever thanked me. But I'm not in this for the praise.


Biting the hand that feeds IT © 1998–2021