[OpenID] Perspective from an EMT on "Law 1 and EMTs"
Jesse Robbins
jesse.robbins at openaid.org
Sat Feb 10 18:07:55 UTC 2007
Hi,
I am an EMT, and medical records access like you describe isn't what
I need in the first 60 seconds making a rapid evaluation of a patient
in the field. Useful to me are patient bracelets that says
"Diabetic" or "Allergic to Penicillin", and I don't want to have to
rely on a computer or *carry another piece of equipment*. I don't
need access to your medical records to determine if you have an open
airway, are breathing, and have circulation.
That said, it would be very useful to put a token of some kind in the
bracelet which would either contain their relevant medical record or
allow decryption of their record at a facility that needs the data.
Sincerely,
Jesse Robbins
Firefighter/EMT-B (among other things)
On Feb 10, 2007, at 9:03 AM, Troy Benjegerdes wrote:
> I think you should probably start by quantifying the risk of dieing
> because of lack of lack of access to medical records. If you can
> write a
> whitepaper documenting how likely someone is to die because of lack of
> access to records, then you have something to convince individual
> patients to put their electronic records in control of an ibroker.
>
> The big risk with doing this electronically is that one hacker (or
> organized crime group funding hackers) can break the protocol and then
> get *everyone*'s medical records. The case of stealing someone's
> records
> by non-digital is definitely possible, but you only get one
> person's records.
> If there is an exploitable security hole in the ibroker's web site, or
> in the protocol itself, everyone's records could be disclosed. This
> risk
> can't be quantified unless you start talking about formal methods
> verificiation of the protocol, and all the software the ibroker runs.
> Now we're back into astronomical costs again ;)
>
> I suppose you start by assuming that whatever method you use to
> protect
> medical records *will* be broken, and then you convince people that
> having some organized crime group in another country get their medical
> records is worth the benefits of having their life be saved by the
> medical professionals having access.
>
> On Fri, Feb 09, 2007 at 02:53:16PM -0600, Jaco Aizenman wrote:
>> How about giving all the liability problems to a third party?
>> (answer me to
>> my email please)
>>
>> I mean, the owner of the iBroker can be a local CR company,
>> http://www.labstein.com/ , and not your company.
>>
>> BTW, today if someone really wants it, most probably can get a
>> medical
>> info/record, using also non digital means (with the "help" of
>> clerks working
>> on hospitals for example...). But most probably today a doctor can
>> not get
>> all your medical record, and many times this mean dead or serious
>> problems
>> if the person survives....
>>
>> It is incredible to find out that more poeple die for this reasons
>> than for
>> car accidents!.
>>
>> On 2/9/07, Troy Benjegerdes <hozer at hozed.org> wrote:
>>>
>>> On Fri, Feb 09, 2007 at 11:17:38AM -0600, Jaco Aizenman wrote:
>>>> Jon, in emergency situations, in most countries, security forces
>>>> will
>>> get
>>>> all info needed to save the people. For all other cases the Supreme
>>> Court
>>>> and other?s, should protect the fundamental right of not having
>>>> virtual
>>>> personality (not letting others see your vp content, or contact
>>>> you
>>>> without passing your presence choices).
>>>>
>>>> Eric, my father is a Doctor in CR, and he and others I talked in
>>>> the
>>> health
>>>> sector, want the best(*) content of the patient virtual
>>>> personality,
>>>> available at all times, in all the places.
>>>
>>> Two words: Cost/benefit.
>>>
>>> Getting the 'best' patient information to everyone *that needs it*,
>>> everywhere,
>>> at all times, *without* disclosing this information to unauthorized
>>> persons
>>> is either going to be horrendously expensive, or horrendously
>>> insecure
>>> first then horrendously expensive in the resulting litigation from
>>> inevitable security breaches.
>>>
>>> How much are you willing to pay an iBroker to accept that
>>> liability? Who
>>> is going to pay for it? If you have several hundred thousand to
>>> just get
>>> started documenting the security process, and then a few million to
>>> implement it, then let's talk about this more.. But right now, I
>>> think
>>> we need to see OpenID deployed for *low risk* information like
>>> online
>>> blogs first. If you feel you need to discuss this now, put a dollar
>>> value on it.
>>>
>>>>
>>>> Some local CR actors in the health sector, including Government,
>>>> want to
>>>> find an iBroker that can provide this service of projecting the
>>>> medical
>>>> record content,to the right people, at the right time, at the right
>>> places.
>>>>
>>>> (*) Just critical content for emergency situations, and the full
>>>> patient
>>>> medical record for non emergency situations.
>>>>
>>>>
>>>>
>>>>
>>>> On 1/29/07, Jon Callas <jon at pgpeng.com> wrote:
>>>>>
>>>>>
>>>>> Discussions of this sort set off my own special form of paranoia.
>>>>>
>>>>> When I hear that we have to have identity information opened up so
>>>>> the EMTs can get them, I really hear that we need to do this so
>>>>> that
>>>>> the security forces can get them when you're declared an enemy
>>>>> combatant, or attend the wrong public gathering.
>>>>>
>>>>> Jon
>>> --
>>> --------------------------------------------------------------------
>>> ------
>>> Troy Benjegerdes 'da hozer'
>>> hozer at hozed.org
>>>
>>> Somone asked me why I work on this free (http://www.fsf.org/
>>> philosophy/)
>>> software stuff and not get a real job. Charles Shultz had the
>>> best answer:
>>>
>>> "Why do musicians compose symphonies and poets write poems? They
>>> do it
>>> because life wouldn't have any meaning for them if they didn't.
>>> That's why
>>> I draw cartoons. It's my life." -- Charles Shultz
>>>
>>
>>
>>
>> --
>> Jaco Aizenman L.
>> My iname is =jaco (http://xri.net/=jaco)
>> Founder - www.virtualrights.org
>> XDI Board member - www.xdi.org
>> Tel/Voicemail: 506-3461570
>> Costa Rica
>>
>> What is an i-name?
>> http://en.wikipedia.org/wiki/I-name
>
> --
> ----------------------------------------------------------------------
> ----
> Troy Benjegerdes 'da hozer'
> hozer at hozed.org
>
> Somone asked me why I work on this free (http://www.fsf.org/
> philosophy/)
> software stuff and not get a real job. Charles Shultz had the best
> answer:
>
> "Why do musicians compose symphonies and poets write poems? They do it
> because life wouldn't have any meaning for them if they didn't.
> That's why
> I draw cartoons. It's my life." -- Charles Shultz
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
More information about the general
mailing list