1996-02-21 - Re: Patient medical files on Net
Header Data
From: Adam Shostack <adam@lighthouse.homeport.org>
To: mdiehl@dttus.com (Martin Diehl)
Message Hash: 554444fcbc286d2d9e54d44de3c0dc5a4056ba24d4c6bcad748fdb1a889a2379
Message ID: <199602211521.KAA06043@homeport.org>
Reply To: <9601208248.AA824855630@cc1.dttus.com>
UTC Datetime: 1996-02-21 16:38:24 UTC
Raw Date: Thu, 22 Feb 1996 00:38:24 +0800
Raw message
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 22 Feb 1996 00:38:24 +0800
To: mdiehl@dttus.com (Martin Diehl)
Subject: Re: Patient medical files on Net
In-Reply-To: <9601208248.AA824855630@cc1.dttus.com>
Message-ID: <199602211521.KAA06043@homeport.org>
MIME-Version: 1.0
Content-Type: text
When I was working in a reasearch lab at a large hospital, we
considered using SSL for protecting some non-anonymized patient
information.
We decided against putting those records on the web for a
number of reasons. First was a general distrust of the SSL protocol.
Versions 1 & 2 were designed by amatuer cryptographers, to protect
credit card numbers. We considered patient records much more private
than that. Next was the de facto 40 bit keysize of Netscape. We
didn't want to try to teach surgeons the difference between the 40 bit
crypto in the free version & the 128 bit in the pay for version. They
were already convinced that Netscape was unbreakable encryption.
(Fortunately, this was about 2 days before the random numbers got to
the front page of the New York Times, so they believe me now.) The
last reason was becuase I fully expect web servers to become the
sendmails of the 90s. Big, badly configured, and used as a means of
breaking into a server. Once someone breaks into a web server, all
the encryption in the world won't help; those files need to be
decrypted so they can be sent out under SSL's arbitrary keys.
Adam
| Some obvious proposals would be to use something like SSL to do server
| to workstation encryption. I don't know what issues may exist such as
| the effort to install SSL, key management, and processing delays due
| to session keys and traffic encryption. In addition, how could an
| on-call doctor access patient records through an ISP and maintain
| patient privacy. An obvious issue (which I know have been discussed
| on this list) has to do with the trade-off between key size and
| privacy.
|
| Any other thoughts?
|
| Martin G. Diehl
|
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
Thread
Return to February 1996
- Return to “Adam Shostack <adam@lighthouse.homeport.org>”
- Return to “juggy@cerc.wvu.edu (V. “Juggy” Jagannathan)”
Return to ““Martin Diehl” <mdiehl@dttus.com>”
- 1996-02-21 (Wed, 21 Feb 1996 12:55:34 +0800) - Patient medical files on Net - “Martin Diehl” <mdiehl@dttus.com>
- 1996-02-21 (Thu, 22 Feb 1996 00:38:24 +0800) - Re: Patient medical files on Net - Adam Shostack <adam@lighthouse.homeport.org>
- 1996-02-23 (Sat, 24 Feb 1996 04:51:05 +0800) - Re: Patient medical files on Net - juggy@cerc.wvu.edu (V. “Juggy” Jagannathan)
- 1996-02-21 (Thu, 22 Feb 1996 00:38:24 +0800) - Re: Patient medical files on Net - Adam Shostack <adam@lighthouse.homeport.org>