• Investment World
• eWorld
• Brand Line
• Mentor
• Life
• Brand Quest
• The New Manager
• BL Club
• Smartbuy
• Books
• Gallery

Stocks

• Quotes
• SE Diary
• Scoreboard
• Open-End Mutual Fund

Cross Currency

• Rates
  
  

Shipping

• Ports
  
  

Archives

• Yesterday
• Datewise
• Resources
• In Focus
• In Depth
• Events 2007

Group Sites

• The Hindu
• The Hindu ePaper
• Business Line
• Business Line ePaper
• Sportstar
• Frontline
• The Hindu eBooks
• The Hindu Images

P.V. Sivakumar

To store or not to store?

R.K.Raghavan

An interesting debate on protecting an individual’s health data is now raging in the UK. It is of great relevance to many of us in India, although privacy as a concept in the cyberspace is yet to gain strong ground in the country, in the absence of a strong legislation, and also because of a culture that does not look upon prying into other people’s lives as something unethical or parting with intimate data as abnormal. For instance, we do not mind sharing our home telephone numbers with all and sundry, something that will surprise an average Westerner, to whom such information is sacrosanct, not to be doled out indiscriminately.

The National Health Service (NHS) in the UK is a behemoth, with a near monopoly in the field. It has admirers and trenchant critics, possibly more the latter. The truth is it can be frustrating for those who have the routine ailment and do not want to take a chance. But in an emergency and for major illnesses, the NHS has proved its worth. Many laud the speed and high quality of its response.

Successive governments have been trying their best to improve the NHS image. One solution thought of has been to build an effective IT system for the whole of the NHS. The belief is that, this way, its modest resources can be used to the optimum and waiting periods for patients needing immediate care are cut down substantially. It has, however, been struggling for years to construct a comprehensive database that will be friendly both to the patient and the NHS doctor handling the patient, especially in an emergency.

The idea is to permit access to the patient so that he gets to know the names of all the NHS staff that had treated him in the past and details of procedures he had been subjected to. At the same time, the NHS doctor is enabled to lay hands easily on the patient’s medical history (such as allergies to specific medicines and surgeries undergone earlier).

The NHS’s objective is, no doubt, laudable. But all the contracts it has awarded till now to private firms to build a foolproof IT system have been in vain. This should be intriguing but is nevertheless true. The exercise has invited strong criticism and even ridicule.

Alongside this, the any number of intrusions and data losses suffered by UK government departments in the past few years have led to the questioning of the whole wisdom of the NHS trying to build a huge centralised database for itself.

There is the widespread belief that it is dangerous to entrust one’s medical data to the NHS. The Labour government has been lambasted by the Conservatives who demand that government gives up its efforts to build a massive database at an enormous cost (£12.4 billion).

The Conservatives have now mooted the idea that it is the individual who should have the right to decide whether someone should at all hold his medical data. Simultaneously, they have made it known that if they come back to power — a not unlikely possibility in the next elections due in 2010 — they will give the patient an option to go to Google Health or Microsoft Health Vault, two services that are already available mostly free of cost to the public. The chief merit of this proposal is that patients will have a 24-hour access to their doctors’ notes on a password-protected Web site.

There are, however, sceptics presumably of the Labour persuasion — who say that the two private companies will try to make money through drug or other advertisements based on an individual’s health record or may even sell data held by them for drug trials. There is also the fact that a large number of the poor and elderly in the country do not have access to a computer and hence cannot furnish relevant data to a doctor treating them.

The debate may never be conclusive. The basic point is that government IT systems the world over still lack credibility for security. There have been far too many instances of hacking of government Web sites and losses/theft of hardware such as pen drives from the possession of public servants for anybody’s comfort.

It is against this backdrop that there are some reasonable apprehensions about the just announced National Unique Identity Number project to cover the whole of India. Apart from the massive dimensions of the project, the question that is being raised is what kind of a security architecture Nandan Nilekani and his team will build to ensure that citizen data does not fall into wrong hands.We have had our own share of misfortunes in trying to protect data in sensitive government establishments.

The culture of cyber security is still evolving, and not many in government think that there is much at stake here. It is this laxity that detracts from the merits of building huge databases. The suggestion to Nilekani is that he will do well to distribute the collected data among three or four databases so that the damage is minimised in the event of a cyber attack. It seems presumptuous on our part to advise an icon and a professional such as Nilekani. It is also the public belief that he will be left alone to do his job and no politician will be allowed to tinker with it. This is reassuring. Let us hope that this belief is vindicated to the end.

Finally, an interesting episode, again from the UK. The wife of a senior civil servant who is to take over shortly the leadership of MI6 (equivalent of our RAW) has been found showing scant respect for security. She did not think it wrong to put up her husband’s profile in Facebook and telling the whole world how the intelligence chief looked like and where he lived. This has become a scandal of sorts. We will have to wait and watch as to who will ultimately be punished, the wife or the husband. In either case, it is not going to promote domestic harmony!

The writer is a former CBI Director who is currently Adviser (Security) to TCS Ltd.

More Stories on : Privacy | Health | Security | Security Musings

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Copyright © 2009, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line