[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: S.1360 and security.



  > Perhaps more practical in dealing with the realities of medical
  > data, would be  to hire a think tank like the Rand Corporation 
  > (I have no connections or interest in Rand).  Rand has lots 
  > of experience with military security.  They could study the
  > problem and recommend ways to achieve appropriate security.  
  
  It's already been done. The BMA hired Cambridge University to
  study the problem and come up with recommendations. Their security
  policy can be got from:
  
  	http://www.cl.cam.ac.uk/users/rja14/#Med
  
  This policy will also be discussed at the world's premier computer
  security conference, the IEEE Symposium on Security and Privacy,
  which takes place from May 6-8 at Oakland.
  
  See you there?
  
  Ross Anderson