[OpenID] Perspective from an EMT on "Law 1 and EMTs"

Jesse Robbins jesse.robbins at openaid.org
Sat Feb 10 18:07:55 UTC 2007


Hi,

I am an EMT, and medical records access like you describe isn't what  
I need in the first 60 seconds making a rapid evaluation of a patient  
in the field.  Useful to me are patient bracelets that says  
"Diabetic" or "Allergic to Penicillin", and I don't want to have to  
rely on a computer or *carry another piece of equipment*.  I don't  
need access to your medical records to determine if you have an open  
airway, are breathing, and have circulation.

That said, it would be very useful to put a token of some kind in the  
bracelet which would either contain their relevant medical record or  
allow decryption of their record at a facility that needs the data.

Sincerely,
Jesse Robbins
Firefighter/EMT-B (among other things)



On Feb 10, 2007, at 9:03 AM, Troy Benjegerdes wrote:

> I think you should probably start by quantifying the risk of dieing
> because of lack of lack of access to medical records. If you can  
> write a
> whitepaper documenting how likely someone is to die because of lack of
> access to records, then you have something to convince individual
> patients to put their electronic records in control of an ibroker.
>
> The big risk with doing this electronically is that one hacker (or
> organized crime group funding hackers) can break the protocol and then
> get *everyone*'s medical records. The case of stealing someone's  
> records
> by non-digital is definitely possible, but you only get one  
> person's records.
> If there is an exploitable security hole in the ibroker's web site, or
> in the protocol itself, everyone's records could be disclosed. This  
> risk
> can't be quantified unless you start talking about formal methods
> verificiation of the protocol, and all the software the ibroker runs.
> Now we're back into astronomical costs again ;)
>
> I suppose you start by assuming that whatever method you use to  
> protect
> medical records *will* be broken, and then you convince people that
> having some organized crime group in another country get their medical
> records is worth the benefits of having their life be saved by the
> medical professionals having access.
>
> On Fri, Feb 09, 2007 at 02:53:16PM -0600, Jaco Aizenman wrote:
>> How about giving all the liability problems to a third party?  
>> (answer me to
>> my email please)
>>
>> I mean, the owner of the iBroker can be a local CR company,
>> http://www.labstein.com/ , and not your company.
>>
>> BTW, today if someone really wants it, most probably can get a  
>> medical
>> info/record, using also non digital means (with the "help" of  
>> clerks working
>> on hospitals for example...). But most probably today a doctor can  
>> not get
>> all your medical record, and many times this mean dead or serious  
>> problems
>> if the person survives....
>>
>> It is incredible to find out that more poeple die for this reasons  
>> than for
>> car accidents!.
>>
>> On 2/9/07, Troy Benjegerdes <hozer at hozed.org> wrote:
>>>
>>> On Fri, Feb 09, 2007 at 11:17:38AM -0600, Jaco Aizenman wrote:
>>>> Jon, in emergency situations, in most countries, security forces  
>>>> will
>>> get
>>>> all info needed to save the people. For all other cases the Supreme
>>> Court
>>>> and other?s, should protect the fundamental right of not having  
>>>> virtual
>>>> personality (not letting others see your vp content, or  contact  
>>>> you
>>>> without passing your presence  choices).
>>>>
>>>> Eric, my father is a Doctor in CR, and he and others I talked in  
>>>> the
>>> health
>>>> sector, want the best(*) content of the patient virtual  
>>>> personality,
>>>> available at all times, in all the places.
>>>
>>> Two words: Cost/benefit.
>>>
>>> Getting the 'best' patient information to everyone *that needs it*,
>>> everywhere,
>>> at all times, *without* disclosing this information to unauthorized
>>> persons
>>> is either going to be horrendously expensive, or horrendously  
>>> insecure
>>> first then horrendously expensive in the resulting litigation from
>>> inevitable security breaches.
>>>
>>> How much are you willing to pay an iBroker to accept that  
>>> liability? Who
>>> is going to pay for it? If you have several hundred thousand to  
>>> just get
>>> started documenting the security process, and then a few million to
>>> implement it, then let's talk about this more.. But right now, I  
>>> think
>>> we need to see OpenID deployed for *low risk* information like  
>>> online
>>> blogs first. If you feel you need to discuss this now, put a dollar
>>> value on it.
>>>
>>>>
>>>> Some local CR actors in the health sector, including Government,  
>>>> want to
>>>> find an iBroker that can provide this service of projecting the  
>>>> medical
>>>> record content,to the right people, at the right time, at the right
>>> places.
>>>>
>>>> (*) Just critical content for emergency situations, and the full  
>>>> patient
>>>> medical record for non emergency situations.
>>>>
>>>>
>>>>
>>>>
>>>> On 1/29/07, Jon Callas <jon at pgpeng.com> wrote:
>>>>>
>>>>>
>>>>> Discussions of this sort set off my own special form of paranoia.
>>>>>
>>>>> When I hear that we have to have identity information opened up so
>>>>> the EMTs can get them, I really hear that we need to do this so  
>>>>> that
>>>>> the security forces can get them when you're declared an enemy
>>>>> combatant, or attend the wrong public gathering.
>>>>>
>>>>>        Jon
>>> --
>>> -------------------------------------------------------------------- 
>>> ------
>>> Troy Benjegerdes                'da hozer'                 
>>> hozer at hozed.org
>>>
>>> Somone asked me why I work on this free (http://www.fsf.org/ 
>>> philosophy/)
>>> software stuff and not get a real job. Charles Shultz had the  
>>> best answer:
>>>
>>> "Why do musicians compose symphonies and poets write poems? They  
>>> do it
>>> because life wouldn't have any meaning for them if they didn't.  
>>> That's why
>>> I draw cartoons. It's my life." -- Charles Shultz
>>>
>>
>>
>>
>> -- 
>> Jaco Aizenman L.
>> My iname is =jaco (http://xri.net/=jaco)
>> Founder                - www.virtualrights.org
>> XDI Board member - www.xdi.org
>> Tel/Voicemail: 506-3461570
>> Costa Rica
>>
>> What is an i-name?
>> http://en.wikipedia.org/wiki/I-name
>
> -- 
> ---------------------------------------------------------------------- 
> ----
> Troy Benjegerdes                'da hozer'                 
> hozer at hozed.org
>
> Somone asked me why I work on this free (http://www.fsf.org/ 
> philosophy/)
> software stuff and not get a real job. Charles Shultz had the best  
> answer:
>
> "Why do musicians compose symphonies and poets write poems? They do it
> because life wouldn't have any meaning for them if they didn't.  
> That's why
> I draw cartoons. It's my life." -- Charles Shultz
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general




More information about the general mailing list