Tuesday, November 13, 2018

Lack of internet access hamper doctor's work

I am surprised to learn about the problem faced by the doctors that is caused by removing the internet access. The doctors need to retrieve the records of patients for their treatment.

By removing the internet access, the staff has to spend a lot of time to get the information. This caused delay and stress.

This episode exposes the weakness of the culture that is prevalent in Singapore.

Leaders just refused to take the lead, to take responsibility and to exercise their common sense.

I know that there was a breach of security that led to 1.5 million patient records being stolen.

This large number is shocking and should not be allowed to happen.

But a small number that is stolen is not serious. The data that is stolen is not critical. It is just the name, address, date of birth and NRIC number of the patient, and maybe a few more fields.

What is the problem?

If my data is stolen, I would not be worried. My name and address can be found from the telephone directory (not sure if they still print it).

My date of birth is 9 March 1948. Please take note and send me birthday greetings.

If you want to know my NRIC No, you can work as a security guard at any building. They scan my NRIC and also asked for my mobile No.

There is no need to be paranoid that this type of data can be stolen by hackers.

I do not condone the large scale loss of data. However, I do not agree on the extreme reaction.

It is all right to restrict certain types of access to the local area network, i.e. not accessible through the internet. This applies to the web pages that contain the details of many patients, e.g. those who visited the various hospitals in a day.

I suspect that this was how 1.5 million records were hacked.

But it is all right for the doctor to get access to 1 patient record at a time.

I have recommended the every access should be logged, so that the system administrator know the doctor, the patient and the timestamp of each access.

The log will be able to tell if a particular doctor had accessed many patient records in a day. This is likely to be unauthorised access.

I now come back to the issue of taking responsibility.

Our health minister should come forward and authorise the restoration of the internet access to doctors who need the patient records to treat the patient.

If he is not sure about the risk, he can consult me. He does not need to pay me for my consultation. He only need to be humble to ask me.

He can continue to stay in the background and let the patients and the staff continue to work under difficult conditions, without the information that is needed for their work.

He can also delay taking any action on the excuse that this is being considered by the commission of inquiry. It is quite common to "pass the buck". It is our prevailing culture.

Tan Kin Lian




No comments:

Blog Archive