Government finally ends e-Borders programme

Bryan Glick writes in Computer Weekly:

The government has formally ended the troubled e-Borders programme, four years after it cancelled a £750m contract for the IT project, although its intended functions have been incorporated into a new, broader project to secure the UK’s borders.

Charles Montgomery, director general of the UK’s Border Force, told a meeting of the Home Affairs Select Committee on Tuesday 11 March 2014 that e-Borders had been “terminated”.

But Home Office officials were subsequently keen to point out that although the e-Borders name is no longer used, all the intended aims of the programme have been merged into the the Border System Programme (BSP), an initiative launched in January 2013. At the time BSP was put out to tender, the Home Office told Computer Weekly it was separate to e-Borders, but its scope has since been expanded.

The e-Borders programme was first commissioned in 2003 to improve the use of data to track people moving in and out of the UK’s borders. One aim was to conduct checks on travellers at the point of embarkation to the UK, rather than on arrival in the country.

Review to probe sale of NHS medical data

Laura Donnelly writes in the Daily Telegraph:

On Thursday the board of HSCIC announced that it will conduct an immediate audit of all data ever disclosed by the central NHS authorities. In April it will disclose details of the data released by HSCIC. Details of data released by its predecessor organisation are expected to be published the following month.

The report will set out what was released and why, and in future, records of such decisions will be released quarterly.

Officials said they were taking the steps in order to “improve the transparency of its decision-making and build public trust in its actions.”

They said the measures were being introduced following the concerns raised by MPs last week

The audit will be led by Sir Nick Partridge, a Non-Executive Director on the HSCIC Board and former Chief Executive of the Terence Higgins Trust.

Careless.data

Nature has published an editorial on care.data, including some reflections on public confidence in the project:

On 19 February, the NHS, which had stubbornly dismissed such criticisms, reluctantly admitted that its critics might have a point, and postponed the launch until the autumn. But the agency still seems to be in denial, arguing that opposition is merely down to problems of communication and public perception. That response is wrong. Care.data is far from ready for launch.

Incredibly, with just a few weeks to go to the scheduled launch, the NHS had not even laid out in detail which groups would be able to access the data, and on what terms. Thus, the public could not fully know what they were signing up to, raising fears that personal data might end up, for example, in the hands of insurance and other commercial companies. Economic growth is a core goal of any UK government, but there has to be confidence that this won’t trample on the rights of individuals.

Adding to the mess, over the past week it has emerged that the Leeds centre has handed over records from its existing massive database of personal hospital data to outside groups in ways that might have contravened its own rules. At the very least, these episodes raise questions about the functioning of the HSCIC, but they also risk diminishing what little public confidence is left in care.data.

Triple-headed NHS privacy scare after hospital data reach marketers, Google

Simon Sharwood writes in The Register:

The UK’s National Health Service (NHS) and the NHS Information Centre are riding out a three-pronged privacy storm.

The first privacy incident starts with this PA Consulting document titled “Placing the patient at the centre of healthcare: PA report on the future of healthcare.”

On page eight, a section titled “The cloud can transform the way the NHS connects and uses data” the discussion turns to “an archive called Hospital Episode Statistics (HES)” that contains “a huge amount of detailed data” about the activity of “every Hospital in England.” The data set occupied a one-terabyte disk drive and as PA Consulting tried to ready it for analysis they found it “took several hours” just to load it into “a traditional Microsoft SQL database”.

In an attempt to hasten analysis of the document, here’s what happened next:

“The alternative was to upload it to the cloud using tools such as Google Storage and use BigQuery to extract data from it. As PA has an existing relationship with Google, we pursued this route (with appropriate approval). This showed that it is possible to get even sensitive data in the cloud and apply proper safeguards.”

The results of this approach were good, from a technical point of view at least. PA’s people report that “queries that took all night on our servers were returned in under 30 seconds using BigQuery” and “Within two weeks of starting to use the Google tools we were able to produce interactive maps directly from HES queries in seconds.”

For some extra context, see this letter from Prof. Ross Anderson to Stephen Dorrell MP.