Others have linked to left-wing websites, not me. But whatever the political bias of the websites, the facts don't seem to be congruent with what you'll find on that hotbed of left-wing radicalism: the Bush White House website on the federal budget. http://www.whitehouse.gov/omb/budget/fy2002/guide0 4.html
A short websearch will provide you with lots of US government or even right-wing analyses of government spending. This one here shows that in 2003, the US spent c$400bn on national defense, c$220bn on health (which I'm guessing is Medicaid) and c$250bn on medicare. So you're right that health is a huge category of spending but you're wrong to imply that defense is but a tiny minnow by comparison. And by the way, how come you don't get so steamed up about interest payments? That was c$150bn in 2003! I should have been clearer -- I intended to say, you *didn't* have to fight *this* war. I accept the principle of the need for self-defense.
And you haven't answered the central charge of what I said: if you don't buy your healthcare with taxes, you'll buy it through insurance or out-of-pocket. Funding sources will make little difference to whole systems costs.
Of course, it *is* true that the UK's NHS (evil socalistic single-payor NHS tax-funded system) provides universal coverage at ~9% of GDP with rationing by waitlists and access to treatments, while the US's mix of private and public systems provides c80% coverage at ~16% of GDP with rationing by costs of insurance and policy exclusions. But that's a different argument.
Representation bias is an obvious problem in all market research, but hey, it's good enough for corporations to use to predict what millions of us will do and make their money, so it shouldn't be dismissed out of hand.
Sorry, but this is a really dumbass thing to say. Of course humanity as a whole will survive climate change. The question is, will our civilisation? How many people will die in the process? You may recall that 1,400 years ago there were approx 200m people in the world. There are currently 6bn+. So at the same time as the odds of at least someone surviving have gone up, the risks of lots of people dying (and animals and plants too, and of environments being significantly degraded) have dramatically increased.
Yes, but while you don't have to fight a war (honestly, you don't), you do have to pay for healthcare. Whether you do it through taxes, insurance or out-of-pocket has a major impact on equity, but only a minor impact on system costs. So you're not going to suddenly reduce the costs of healthcare by cutting back Medicaid -- you'll just shift them. By contrast, you can of course cut the costs of social programs, but you may find other costs rising as well. And there's the disadvantage of heaping misery on poor people's shoulders, but you may be able to rationalise that away with some moral indignation about the feckless poor...
What's more, having something to hide != being evil
A few obvious examples: a woman suffering abuse from her husband may wish to escape and establish a new identity. That's going to a lot harder now, especially if her husband works for the state. Nasty vicious jealous shits who beat their wives to death may not be all that deterred by the illegality of exploiting their access to confidential data.
To take another example: people on witness protection programmes. To take a take a third example: a reformed criminal who's been touched by the healing power of sweet Jesus and is trying to make a new start in life. A fourth: someone wanting to get away from their oppressive and clingy parents.
With tens of thousands of officials having sanctioned access in principle to the database, and similar numbers of access points all around the country, this database will be compromised. Clearing up the mess after the fact through the use of audit trails lands squarely in the category of bolting the stable door after the horse is already in the next county.
Lots of people want to disappear, and many of them have entirely legitimate and reasons that cannot be construed in any way as evil.
The challenge is how to make sense of the data: most people are not going to be able to interpret that table. It's difficult to present the key data effectively to allow people to make an informed choice; it's hard enough for people to make effective choices between types of treatment (eg CABG vs other treatments), never mind assess where the best place is to have it.
But I'm glad it's straightforward and obvious to you.
You say: "Wasn't it much warmer than +2C at intermittent periods in humanity's past, as well as in more ancient geologic epochs?"
Can you think of any differences between today and humanity's past that might mean that a +2C change is just a leetle bit more concerning? Like the fact that we now number in the billions, rather than the tens of millions? And consequently there are a whole lot more people who are vulnerable to significant changes in climate, whether caused by us or otherwise?
Has no-one in this place read Jared Diamond? What is it that people are so unwilling to accept that humans are capable of a) changing their environment significantly and b) being stupid enough buggers to do it in a way that leads to their own demise in very large numbers?
You're right that lots of people die in hospitals due to errors. And you're right that quality is a problem. But these are not quite as related as you think. For a start, risk = frequency * severity. Medicine entails invasive procedures and sick people, so severity is very high. Human error is inevitable and will always have consequences, failsafe systems notwithstanding -- and it counts a lot more in medicine than in software code (mostly, anyway). Secondly, medicine involves hugely complex biological systems and we just don't know how to measure quality most of the time.
I'm surprised you don't think there is any real risk attached to the leaking of medical records. The risks are real and there are documented instances of their occurrences of failures with severe consequences. These include the IRA penetrating the medical records system at the Royal Victoria Hospital in Belfast to target police officers; a bank manager on the board of a US hospital finding out which of his customers had cancer and foreclosing the loans; and US insurers have disclosed health information about customers to lenders and employers without permission.
Many people are vulnerable to blackmail about sensitive aspects of their medical records, including--but hardly limited to--sexual and mental health. Similarly, people may avoid seeking medical advice for such conditions if they fear that they cannot speak in confidence. And large networked databases simultaneously increase the value of the data to malicious users (more chance of finding something interesting) and the opportunities for access.
Of course, the major threats are all internal, not external -- malicious insiders.
The prescription charge is the same across the UK.
There are not more administrators than doctors and nurses. There are more non-clinical staff than doctors and nurses. The much-quoted administrators/managers figure includes not only managers in the traditional sense but also medical secretaries (who manage the medical notes), receptionists, IT staff, porters, cleaners, engineers, caterers and domestic and security staff. Does it really surprise you that there are more of this type of staff than doctors and nurses? And what about other clinical staff such as physios, radiographers, podiatrists, clinical scientists etc? Do they not count?
When have you met anyone in the UK who thinks the NHS is free, rather than free at the point of use? You're talking drivel. And in case you hadn't noticed, if you want to get private care in the UK, you are at liberty to do so (assuming you can afford it). Doctors in Harley Street will be delighted to take your or your insurer's money.
Ironically, tachographs are the subject of very large numbers of attacks to falsify travel records. They used to be circular charts of the sort you described, but they are shifting to be electronic versions now. And they have become much easier to hack as a result...
It's not about the sky falling in; it's about a realistic assessment of the costs and benefits of new security protocols. Building a realistic threat model is a fundamental step in security engineering, and given that this system has apparently been designed to counter the threat posed by motivated and capable terrorists with access to extensive technical, financial and human resources, it seems reasonable to discuss possible failure modes.
These could include finding and compromising the transmitter/receiver once installed, whether through visual inspection, electronic or other detection, or compromising someone who has the information. There are many others. Physical alarm systems must deter, then detect, then alarm, then delay, then respond.
There are potential attacks that can be launched on the systems at each stage of this process: if the terrorist takes over the truck, is thwarted in his attempt to crash it into a building and responds by setting off a bomb, then the system has failed to deter. If the terrorist can attack the communications sub-system to prevent detection of his actions, then the system has failed. If the terrorist has already driven the truck into the bridge support when the shutdown command is received, then the system has failed. If the terrorist is able to walk away from the stopped truck, having left a bomb behind for the SWAT team, then the system has failed.
The requirements of an alarm I've just described come from Ross Anderson of the University of Cambridge.
I know it's an optical mouse and it doesn't have a ball. The optical sensor may be a laser product, but it can't require *that* much power, considering that it runs on 2 1.5V batteries with a typical load of 25mA each, ie 0.0375 Watts. By contrast, humans produce 60W during sleep, 70W when awake but sedentary, and 150 to 200W doing light work. I think we should probably be able to charge up the battery without tiring ourselves too much...
But I would have thought that you could store power along the lines of self-winding watches--you'd want to use a different type of energy store, obviously. I'm not sure if you could store *enough* power...but it would be fun if it could be done. The other way would be to allow mechanical charging along the lines of the Freeplay wind-up radio.
This is a bit silly. Heinlein had already anticipated this problem back in the 50s or 60s and incorporated a solution--such as shock, horror! being able to turn the screen off. It's obviously not a real issue. And there are dozens of straightforward social uses for videophones, mostly variants on "show and tell" -- look at how the cat/grandchild has grown, what do you think of my new clothes, do I look ill to you or should I stop worrying, etc etc.
No-one doubts what you say. The $64m question is, how many SUV owners really do honestly *need* that big, heavy vehicle? After all, no-one is required to demonstrate that they have a need for an SUV before they are allowed to buy one. So it is entirely possible that many millions of people have bought one for reasons of desire rather than necessity. I think that this is exactly what has happened--lots of people now want to drive SUVs. Only a small subset actually need to drive SUVs (and only a much smaller subset need to drive SUVs on a regular basis). Driving around all these SUVs is causing a rise in external costs: guzzling more oil and spewing more pollution than would be the case otherwise, for example. I'm not demanding that the state should prevent someone from buying an SUV unless they can demonstrate need. I doubt many people are. But I would like to see the state *discouraging* the purchase of SUVs--through increasing the costs of ownership. And if that sticks in people's craws--tough.
Legally, Wales is considered a country. The United Kingdom of Great Britain and Northern Ireland has four "home countries": England, Wales, Scotland and Northern Ireland.
Don't be a prat. If I get on a plane and fly around the world to New Zealand, I get jet lagged. But I can switch sleep problems quite quickly without a problem, due to my adjusting to the different light/dark cycle.
(PII = patient identifiable information) I know that these things are grey. That's why I objected to your saying that they weren't. You said "there can be no consent" where distress is an issue. That's not a statement describing shades of grey. It's also not true.
Furthermore, there is no contradiction between rules requiring you to obtain specific permission to use PII for purposes other than care and using such information in an educational setting. You just have to get the consent of the person concerned.
Of course, anonymisation is sometimes imperfect--so you try not to provide too many identifying details when discussing cases with colleagues. This doesn't condone your choosing not to get *any* consent or make *any* effort at de-identification.
Your choice of words is very interesting. You talk about "the consent form". While a useful written record, the important thing about getting consent is the communication with the patient. You should be making a reasonable effort to tell the patient how you would like to use information about them. I doubt many would give a fiddly fuck about whether a student was affiliated with a particular school. But they would want to know that you were planning on using their case as an educational tool.
You make an entirely valid point about the conditions of a client's care being dynamic. That's why consent obligations are dynamic as well. If you find you have a new reason for sharing information about the patient, you should talk to them again and gain additional consent.
I don't approve of honeypots in medical information systems either. But you were implying that you believed you had a right to share information with other colleagues and to poke around medical records sets in a pretty unrestrained manner. I wouldn't try that approach in the UK! The point about need to know is, frankly, a bit silly. A large teaching hospital might have perhaps 1000 patients. You can hardly start reading all their records on the basis that you might need to know the information in an emergency. Hospital doctors are usually pushed just to keep up with the records for patients they are caring for.
I'm really not sure what you're talking about with the brain swipes paragraph.
Finally, I will rephrase my question as a statement, so that you don't have to share any information that you don't want to. I sincerely hope that you are not a health professional: your perspective on PII is bizarre and if are a health professional and you put it into practice, you are pretty much certain to be in contravention of your professional obligations. Thankfully, your choice of language seems to indicate that you're not a medic.
Slashdot Mirror
Others have linked to left-wing websites, not me. But whatever the political bias of the websites, the facts don't seem to be congruent with what you'll find on that hotbed of left-wing radicalism: the Bush White House website on the federal budget.0 4.html
http://www.whitehouse.gov/omb/budget/fy2002/guide
A short websearch will provide you with lots of US government or even right-wing analyses of government spending. This one here shows that in 2003, the US spent c$400bn on national defense, c$220bn on health (which I'm guessing is Medicaid) and c$250bn on medicare. So you're right that health is a huge category of spending but you're wrong to imply that defense is but a tiny minnow by comparison. And by the way, how come you don't get so steamed up about interest payments? That was c$150bn in 2003!
I should have been clearer -- I intended to say, you *didn't* have to fight *this* war. I accept the principle of the need for self-defense.
And you haven't answered the central charge of what I said: if you don't buy your healthcare with taxes, you'll buy it through insurance or out-of-pocket. Funding sources will make little difference to whole systems costs.
Of course, it *is* true that the UK's NHS (evil socalistic single-payor NHS tax-funded system) provides universal coverage at ~9% of GDP with rationing by waitlists and access to treatments, while the US's mix of private and public systems provides c80% coverage at ~16% of GDP with rationing by costs of insurance and policy exclusions. But that's a different argument.
Representation bias is an obvious problem in all market research, but hey, it's good enough for corporations to use to predict what millions of us will do and make their money, so it shouldn't be dismissed out of hand.
Sorry, but this is a really dumbass thing to say. Of course humanity as a whole will survive climate change. The question is, will our civilisation? How many people will die in the process? You may recall that 1,400 years ago there were approx 200m people in the world. There are currently 6bn+. So at the same time as the odds of at least someone surviving have gone up, the risks of lots of people dying (and animals and plants too, and of environments being significantly degraded) have dramatically increased.
Yes, but while you don't have to fight a war (honestly, you don't), you do have to pay for healthcare. Whether you do it through taxes, insurance or out-of-pocket has a major impact on equity, but only a minor impact on system costs. So you're not going to suddenly reduce the costs of healthcare by cutting back Medicaid -- you'll just shift them. By contrast, you can of course cut the costs of social programs, but you may find other costs rising as well. And there's the disadvantage of heaping misery on poor people's shoulders, but you may be able to rationalise that away with some moral indignation about the feckless poor...
What's more, having something to hide != being evil
A few obvious examples: a woman suffering abuse from her husband may wish to escape and establish a new identity. That's going to a lot harder now, especially if her husband works for the state. Nasty vicious jealous shits who beat their wives to death may not be all that deterred by the illegality of exploiting their access to confidential data.
To take another example: people on witness protection programmes. To take a take a third example: a reformed criminal who's been touched by the healing power of sweet Jesus and is trying to make a new start in life. A fourth: someone wanting to get away from their oppressive and clingy parents.
With tens of thousands of officials having sanctioned access in principle to the database, and similar numbers of access points all around the country, this database will be compromised. Clearing up the mess after the fact through the use of audit trails lands squarely in the category of bolting the stable door after the horse is already in the next county.
Lots of people want to disappear, and many of them have entirely legitimate and reasons that cannot be construed in any way as evil.
I'm not trying to be profound, I'm just saying it's not as simple as you're suggesting.
y /0,,1439210,00.html
For example, funnily enough, your proposal for publishing outcomes data has been taken up for heart surgery in the UK. See, for eg:
http://society.guardian.co.uk/nhsperformance/stor
The challenge is how to make sense of the data: most people are not going to be able to interpret that table. It's difficult to present the key data effectively to allow people to make an informed choice; it's hard enough for people to make effective choices between types of treatment (eg CABG vs other treatments), never mind assess where the best place is to have it.
But I'm glad it's straightforward and obvious to you.
You say: "Wasn't it much warmer than +2C at intermittent periods in humanity's past, as well as in more ancient geologic epochs?"
Can you think of any differences between today and humanity's past that might mean that a +2C change is just a leetle bit more concerning? Like the fact that we now number in the billions, rather than the tens of millions? And consequently there are a whole lot more people who are vulnerable to significant changes in climate, whether caused by us or otherwise?
Has no-one in this place read Jared Diamond? What is it that people are so unwilling to accept that humans are capable of a) changing their environment significantly and b) being stupid enough buggers to do it in a way that leads to their own demise in very large numbers?
You're right that lots of people die in hospitals due to errors. And you're right that quality is a problem. But these are not quite as related as you think. For a start, risk = frequency * severity. Medicine entails invasive procedures and sick people, so severity is very high. Human error is inevitable and will always have consequences, failsafe systems notwithstanding -- and it counts a lot more in medicine than in software code (mostly, anyway). Secondly, medicine involves hugely complex biological systems and we just don't know how to measure quality most of the time.
I'm surprised you don't think there is any real risk attached to the leaking of medical records. The risks are real and there are documented instances of their occurrences of failures with severe consequences. These include the IRA penetrating the medical records system at the Royal Victoria Hospital in Belfast to target police officers; a bank manager on the board of a US hospital finding out which of his customers had cancer and foreclosing the loans; and US insurers have disclosed health information about customers to lenders and employers without permission.
Many people are vulnerable to blackmail about sensitive aspects of their medical records, including--but hardly limited to--sexual and mental health. Similarly, people may avoid seeking medical advice for such conditions if they fear that they cannot speak in confidence. And large networked databases simultaneously increase the value of the data to malicious users (more chance of finding something interesting) and the opportunities for access.
Of course, the major threats are all internal, not external -- malicious insiders.
Thank buggery at least someone round here understands the principles of security engineering!
But effective security requires tokens to be repudiable when compromised. That's not the case for biometrics.
The prescription charge is the same across the UK.
There are not more administrators than doctors and nurses. There are more non-clinical staff than doctors and nurses. The much-quoted administrators/managers figure includes not only managers in the traditional sense but also medical secretaries (who manage the medical notes), receptionists, IT staff, porters, cleaners, engineers, caterers and domestic and security staff. Does it really surprise you that there are more of this type of staff than doctors and nurses? And what about other clinical staff such as physios, radiographers, podiatrists, clinical scientists etc? Do they not count?
When have you met anyone in the UK who thinks the NHS is free, rather than free at the point of use? You're talking drivel. And in case you hadn't noticed, if you want to get private care in the UK, you are at liberty to do so (assuming you can afford it). Doctors in Harley Street will be delighted to take your or your insurer's money.
You're absolutely right. In fact, the economic aspects of security are a hot topic for debate at the moment.
Ironically, tachographs are the subject of very large numbers of attacks to falsify travel records. They used to be circular charts of the sort you described, but they are shifting to be electronic versions now. And they have become much easier to hack as a result...
It's not about the sky falling in; it's about a realistic assessment of the costs and benefits of new security protocols. Building a realistic threat model is a fundamental step in security engineering, and given that this system has apparently been designed to counter the threat posed by motivated and capable terrorists with access to extensive technical, financial and human resources, it seems reasonable to discuss possible failure modes.
These could include finding and compromising the transmitter/receiver once installed, whether through visual inspection, electronic or other detection, or compromising someone who has the information. There are many others. Physical alarm systems must deter, then detect, then alarm, then delay, then respond.
There are potential attacks that can be launched on the systems at each stage of this process: if the terrorist takes over the truck, is thwarted in his attempt to crash it into a building and responds by setting off a bomb, then the system has failed to deter. If the terrorist can attack the communications sub-system to prevent detection of his actions, then the system has failed. If the terrorist has already driven the truck into the bridge support when the shutdown command is received, then the system has failed. If the terrorist is able to walk away from the stopped truck, having left a bomb behind for the SWAT team, then the system has failed.
The requirements of an alarm I've just described come from Ross Anderson of the University of Cambridge.
I know it's an optical mouse and it doesn't have a ball. The optical sensor may be a laser product, but it can't require *that* much power, considering that it runs on 2 1.5V batteries with a typical load of 25mA each, ie 0.0375 Watts. By contrast, humans produce 60W during sleep, 70W when awake but sedentary, and 150 to 200W doing light work. I think we should probably be able to charge up the battery without tiring ourselves too much...
But I would have thought that you could store power along the lines of self-winding watches--you'd want to use a different type of energy store, obviously. I'm not sure if you could store *enough* power...but it would be fun if it could be done. The other way would be to allow mechanical charging along the lines of the Freeplay wind-up radio.
This is a bit silly. Heinlein had already anticipated this problem back in the 50s or 60s and incorporated a solution--such as shock, horror! being able to turn the screen off. It's obviously not a real issue. And there are dozens of straightforward social uses for videophones, mostly variants on "show and tell" -- look at how the cat/grandchild has grown, what do you think of my new clothes, do I look ill to you or should I stop worrying, etc etc.
Erm, just to be clear about this. If you live in the UK and *use a TV* you must have a licence. You don't need one just by virtue of living here...
World service is paid for by the British taxpayer through the FCO, not licence fees.
No-one doubts what you say. The $64m question is, how many SUV owners really do honestly *need* that big, heavy vehicle? After all, no-one is required to demonstrate that they have a need for an SUV before they are allowed to buy one. So it is entirely possible that many millions of people have bought one for reasons of desire rather than necessity. I think that this is exactly what has happened--lots of people now want to drive SUVs. Only a small subset actually need to drive SUVs (and only a much smaller subset need to drive SUVs on a regular basis). Driving around all these SUVs is causing a rise in external costs: guzzling more oil and spewing more pollution than would be the case otherwise, for example.
I'm not demanding that the state should prevent someone from buying an SUV unless they can demonstrate need. I doubt many people are. But I would like to see the state *discouraging* the purchase of SUVs--through increasing the costs of ownership. And if that sticks in people's craws--tough.
Legally, Wales is considered a country. The United Kingdom of Great Britain and Northern Ireland has four "home countries": England, Wales, Scotland and Northern Ireland.
Don't be a prat. If I get on a plane and fly around the world to New Zealand, I get jet lagged. But I can switch sleep problems quite quickly without a problem, due to my adjusting to the different light/dark cycle.
(PII = patient identifiable information)
I know that these things are grey. That's why I objected to your saying that they weren't. You said "there can be no consent" where distress is an issue. That's not a statement describing shades of grey. It's also not true.
Furthermore, there is no contradiction between rules requiring you to obtain specific permission to use PII for purposes other than care and using such information in an educational setting. You just have to get the consent of the person concerned.
Of course, anonymisation is sometimes imperfect--so you try not to provide too many identifying details when discussing cases with colleagues. This doesn't condone your choosing not to get *any* consent or make *any* effort at de-identification.
Your choice of words is very interesting. You talk about "the consent form". While a useful written record, the important thing about getting consent is the communication with the patient. You should be making a reasonable effort to tell the patient how you would like to use information about them. I doubt many would give a fiddly fuck about whether a student was affiliated with a particular school. But they would want to know that you were planning on using their case as an educational tool.
You make an entirely valid point about the conditions of a client's care being dynamic. That's why consent obligations are dynamic as well. If you find you have a new reason for sharing information about the patient, you should talk to them again and gain additional consent.
I don't approve of honeypots in medical information systems either. But you were implying that you believed you had a right to share information with other colleagues and to poke around medical records sets in a pretty unrestrained manner. I wouldn't try that approach in the UK! The point about need to know is, frankly, a bit silly. A large teaching hospital might have perhaps 1000 patients. You can hardly start reading all their records on the basis that you might need to know the information in an emergency. Hospital doctors are usually pushed just to keep up with the records for patients they are caring for.
I'm really not sure what you're talking about with the brain swipes paragraph.
Finally, I will rephrase my question as a statement, so that you don't have to share any information that you don't want to. I sincerely hope that you are not a health professional: your perspective on PII is bizarre and if are a health professional and you put it into practice, you are pretty much certain to be in contravention of your professional obligations. Thankfully, your choice of language seems to indicate that you're not a medic.