NHS computer network faces privacy danger

New network could turn into tool for government monitoring, privacy experts warn

The forthcoming encryption-based NHS communications network could soon provide a simple means for government agencies and others to gain access to confidential information about the British public, according to experts.

Encryption expert Ross Anderson has expressed fears that as the network becomes more widely used, secure and accessible, it is likely to become a crucial means for monitoring the public.

"One of my main privacy concerns at the moment is that the central computer system that records everybody's NHS number also contains a list of all the healthcare providers where you've been treated," he says. "Access to the NHS number system is likely to become widespread as it's much the most accurate and up-to-date population register in the UK. I expect that within five years, the NHS number database will be the principal method used by the police to trace people, and that private eyes will bribe their way in as well."

Anderson also believes that the means for securing this network under consideration are unlikely to offer any real protection for individuals. "What does the NHS plan to do? Well they talk about introducing crypto into the NHS wide network, which carries the data back and forth between the doctors and the central databases. Perhaps someone can explain to me how this is supposed to help. I'm obviously too dense to get it."

A security expert with experience of government computer networks Ian Johnston-Bryden of Oceanus Security agrees that a supposedly secure NHS communications infrastructure could in fact provide in a mine of information for the authorities. "They want to encrypt everything and send it over the Internet," he says. "CESG (the Communications Electronic Security Group, the governmental encryption headquarters) is providing the Red Pike algorithm and has promised that it won't use its knowledge of it, but that doesn't stop the police or MI6.

According to Johnston-Bryden, however, there are also far simpler ways to get hold confidential information. He adds, "A lot of doctors already won't put information on computer, sometimes out of techno-phobia but also because of real security concerns. It doesn't matter how you encrypt something in the NHS backbone because it doesn't stop someone copying it and giving it to someone else."

Johnston-Bryden also believes that commercial involvement in the health service may play an important role in the manipulation of computerised medical information. He adds, "Once you introduce commercial interests, which you have to, it becomes more complicated. I wouldn't put it past certain companies and even the government altering information if they thought they could get away with it."

They can see you... Read about how and why in Surveillance , a ZDNet News Special.