References

1

`Setting the Records Straight --- A Study of Hospital Medical Records', Audit Commission,, June 1995

2

`For Your Information --- A Study of Information Management and Systems in the Acute Hospital', Audit Commission,, July 1995

3

``NHS wide networking and patient confidentiality'', RJ Anderson, in British Medical Journal v 310 no 6996 (1 July 1996) pp 5--6

4

`NHS Network Security', RJ Anderson, 30th May 1995

5

`Security in Clinical Information Systems', RJ Anderson, published by the British Medical Association, January 1996; also available from http://www.cl.cam.ac.uk/users/rja14/#Med

6

``Clinical system security: interim guidelines'', RJ Anderson, in British Medical Journal v 312 no 7023 (13 Jan 1996) pp 109--111

7

``Patient Confidentiality --- At Risk from NHS Wide Networking'', RJ Anderson, to appear in Proceedings of Healthcare 96, March 96

8

``A Security Policy Model for Clinical Information Systems'', in Proceedings of the 1996 IEEE Symposium on Security and Privacy pp 30--43

9

DE Bell, LJ LaPadula, `Secure Computer Systems: Mathematical Foundations', Mitre Corporation report ESD-TR-73-278

10

`Chipkarten im Gesundheitswesen', Bundesamt für Sicherheit in der Informationstechnik, Bundesanzeiger 4 May 1995

11

Submission from HBO & Company, J Baker

12

B Blobel, this volume

13

`Pseudonymous Medical Registries', E Boe, Norwegian Official Report 1993:22

14

`Draft guidance for the NHS on the confidentiality, use and disclosure of personal health information', N Boyd, DoH, 10 August 1994

15

V Brannigan, personal communication

16

``Is your health history anyone's business?'' McCall's Magazine 4/95 p 54, reported by M Bruce on Usenet newsgroup comp.society.privacy, 22 Mar 1995

17

``Confidentiality of medical records: the patient's perspective'', D Carman, N Britten, British Journal of General Practice v 45 (September 95) pp 485--488

18

``Who's reading your medical records?'' Consumer Reports, Oct 94 pp 628--632

19

``A Comparison of Commercial and Military Computer Security Policies'', D Clark, D Wilson, in Proceedings of the 1987 IEEE Symposium on Security and Privacy pp 184--194

20

``Dorrell urges refocus over NHS technology'', in Computer Weekly (30/5/96)

21

Parliamentary question, H Cohen, 3/4/96

22

`Security in Clinical Information Systems', submission from J Crown, President, Faculty of Public Health Medicine, to BMA, 29/2/96

23

R Cushman, this volume

24

`How to Keep a Clinical Confidence', B Darley, A Griew, K McLoughlin, J Williams, HMSO 1994

25

NHS Data Manual, Technical Modules Volume 1 and 2, 1996

26

Submission from the Society of Occupational Medicine, D Dean, 12/4/96

27

``New Guidance on Computer Security Issued'', DoH press release, 8/12/96

28

``BMA warns doctors about government guidance on computer security'', BMA press release, 11/12/96

29

`Cryptography and Data Security', DER Denning, Addison-Wesley 1982

30

`A Strategy for Security of the Electronic Patient Record', A Griew, R Currell, IHI, University of Wales, Aberystwyth, 14/3/95

31

`Good Medical Practice', General Medical Council

32

`Confidentiality', General Medical Council

33

``Privacy and Security of Personal Information in a New Health Care System'', LO Gostin, J Turek-Brezina, M Powers et al., in Journal of the American Medical Association v 20 (24/11/93) pp 2487--2493

34

``Contract minimum dataset includes confidential data'', in British Medical Journal v 312 (20/1/96) p 185

35

(HISS presentation to BMA IT Committee, 24/4/96)

36

A Hassey, M Wells, this volume

37

``HIV code prompts debate on privacy'', P Hagan, in Hospital Doctor (29/2/96) pp 16

38

Parliamentary reply, J Horam, 16/4/96

39

`Information Technology Security Evaluation Criteria', EU document COM(90) 314 (6/91)

40

``GMSC and RCGP guidelines for the extraction and use of data from general practitioner computer systems by organisations external to the practice'', Appendix III in `Committee on Standards of Data Extraction from General Practice Guidelines' Joint Computer Group of the GMSC and the RCGP, 1988

41

``Nurse Jailed for Hacking into Computerised Prescription System'', in British Journal of Healthcare Computing and Information Management v 1 (94) p 7

42

S Jenkins, this volume

43

U Kohl, this volume

44

``Your Secrets for Sale'', N Luck, J Burns, The Daily Express, 16/2/94 pp 32--33

45

Private conversation with Peter Landrock

46

`` `Soundex' codes of surnames provide confidentiality and accuracy in a national HIV database'', JY Mortimer, JA Salathiel, Communicable Disease Report v 5 no 12 (10 Nov 1995) pp R183--R186

47

Senior IMG official, letter to BMA, 22/6/95

48

Senior IMG official, letter to BMA, 7/9/95

49

Senior IMG official, talk on Radio Northampton, 11.10, 12/6/96

50

`Information Systems Security: Top level policy for the NHS`, IMG document 2009 (b)

51

`NWN Threats and Vulnerabilities', 5 April 1995, IMG document NWNS/T1.22

52

`NHS-wide networking: data security policy', IMG document NWNS/T3.3

53

`NHS wide networking security architecture`, 3 April 1995, IMG document NWNS/T1.21

54

Security Guide for IM&T Specialists', 3 April 1995, IMG document NWNS/T5.11

55

`NHS/CCTA Internet Security Report' version 1.3

56

`NHS IS Reference Manual', December 1995

57

`A Members' Guide to the Intended Goals and Purposes of the IM&T Strategy' R Neame, 3/3/96

58

R Neame, this volume

59

``GP Practice computer security survey'', RA Pitchford, S Kay, Journal of Informatics in Primary Care (September 95) pp 6--12

60

letter from DR Price to BMA, 28/5/96

61

M Rigby, this volume

62

Presentation to IEEE Symposium on Security and Privacy 96, T Rindfleisch, 7/5/96

63

R Roberts et al, this volume

64

``For Sale: your secret medical records for £ 150'', L Rogers, D Leppard, Sunday Times 26/11/95 pp 1--2

65

Senior NHS Executive official, letter to BMA, 20/12/94

66

Senior NHS Executive official, letter to BMA, 15/2/95

67

Senior NHS Executive official, letter to BMA, 13/12/96

68

Senior NHS Executive official, letter to BMA, 12/2/96

69

`Applied Cryptography', B Schneier, second edition, Wiley 1995

70

Response on behalf of Conference Information Group, Prof. M Severs

71

GJ Simmons, personal communication, 1996

72

`Medical Ethics Today --- Its Practice and Philosophy', A Sommerville, BMA 1993

73

``The Active Badge Location System'', R Want, A Hopper, V Falcao, J Gibbons, in ACM Transactions on Information Systems v 10 no 1 (January 1992) pp 91--102

74

Submission on behalf of the ABPI, F Wells

75

Senior NHS medical officer, letter to BMA, 15/8/95

76

Senior NHS medical officer, letter to BMA, 17/11/95

77

`The use of encryption and related services with the NHSnet', prepared by Zergo Ltd for NHS Executive; document NHSE IMG E5254