The Wannacry ransomware epidemic was especially virulent, thanks to its core: a weaponized vulnerability in Windows that the NSA had discovered and deliberately kept a secret so that they could use it to attack their adversaries. Read the rest

The British government has been immobilised by Brexit preparations: hundreds of millions of pounds paid by insurers to the government to rebuild from flooding are sitting idle in savings accounts because no one can spare the time to spend them; ministers won't schedule out-of-London meetings because being away during a key vote would endanger the whisper-thin Tory majority; UK workforce productivity has fallen off a cliff while workers struggle to make preparations for the uncertain future; the government is incapable of legislating because the whole calendar is filled with Brexit bills; junior ministers are barely showing up for work because they don't believe they'll have careers after Brexit; the NHS's overriding priority is Brexit preparation -- everything, from top to bottom, is crumbling. Read the rest

NHS Digital has issued guidance to the independent authorities and businesses that make up the UK's National Health Service, setting out the case for storing extremely sensitive patient data on public cloud servers. Read the rest

One of the most enduring symbols of 2016's UK Brexit referendum was the huge red "battle bus" with its message, "We send the EU £350 million a week, let's fund our NHS instead. Vote Leave." Read the rest

25 NHS trusts and multiple doctors' practices in England and Scotland (but so far, not Northern Ireland or Wales) report that they have had to effectively shut down due to a massive Wcry ransomware infection that has stolen whole swathes of the English healthcare system in one go. The infection appears to exploit a bug that the NSA discovered and deliberately kept secret, only to have it revealed by the Shadow Brokers. Read the rest

Taking pre-exposure prophylaxis drugs like Truvada before having unprotected sex with HIV+ people can significantly reduce the risk of infection (the drugs can also be taken after potential exposure); though this use is approved in England, the NHS does not yet cover Truveda prescriptions, so people who wish to take the drug are expected to pay £400/month. Read the rest

3 NHS hospitals under the Northern Lincolnshire and Goole NHS Foundation Trust have been infected by "a virus" that administrators detected on Sunday; the hospitals are on limited operations and turning away patients until the hospitals can "isolate and destroy" the malware. Read the rest

Junior doctors in the UK National Health Service have been attempting to negotiate a decent wage and decent working conditions in their new contract with Health Secretary Jeremy Hunt, who is a terrible person, and who has been publicly libelling the hardworking doctors on the front lines of the UK health system. Read the rest

The English NHS is at the very end of a key consultation on the future of its "mandate" -- which sets out its goals and budgets -- and though the public has been able to comment since October, the NHS hasn't bothered to tell anyone about it. Read the rest

To clarify, the @HSCIC story that’s coming is, I believe, infinitely worse than patient hospital records being uploaded to Google BigQuery

— ben goldacre (@bengoldacre) March 3, 2014

PA Consulting, a management consulting firm, obtained the entire English and Welsh hospital episode statistics database and uploaded it to Google's Bigquery service. The stats filled 27 DVDs and took "a couple of weeks" to transfer to Google's service, which is hosted in non-EU data centres. This is spectacularly illegal. The NHS dataset includes each patient's NHS number, post code, address, date of birth and gender, as well as all their inpatient, outpatient and emergency hospital records. Google's Bigquery service allows for full data-set sharing with one click.

The news of the breach comes after the collapse of a scheme under which the NHS would sell patient records to pharma companies, insurers and others (there was no easy way to opt out of the scheme, until members of the public created the independent Fax Your GP service).

According to researcher and epidemiologist Ben Goldacre, this story is just the beginning: there's an "infinitely worse" story that is coming shortly. Read the rest

The UK National Health Service has initiated a plan to take the nation's private health records and sell them off to private companies in a process overseen by notorious multinational bumblewads ATOS. If you live in the UK England, your records -- mental health records, prescriptions, records of surgeries including abortions, and other sensitive personal information -- will be handed over to a wide-ranging group of companies all over the world.

Unless you opt out. And opting out isn't easy. There's no central place to opt out. Instead, you have to send a letter to your GP's surgery, which means you have to look up your GP's surgery's address, compose a legally sufficient letter, print it out, find an envelope and a stamp -- etc.

However! There's a better way. A group of volunteers whom I trust implicitly, including the astounding Stef Magdalinski (who made the Faxyourmp service that is the ancestor of Theyworkforyou) have created Fax Your GP, a dead-simple form that will look up your GP's fax number for you, create a form opt-out letter you can fill in in just a few easy steps, and then they'll fax that letter directly to your GP's surgery. I just opted out. Read the rest

The UK government's Health and Social Care Information Centre quietly announced plans to share all patient records held by the National Health Service with private companies, from insurers to pharmaceutical companies. The information sharing is on an opt-out basis, so if you don't want your "clinical records, mental health consultations, drug addiction rehabilitation details, dsexual health clinic attendance and abortion procedures" shared, along with your "GP records, HS numbers, post-codes, gender, date of birth," you need to contact your doctor and opt out of the process.

This is a complex issue. Large data-sets are the lifeblood of epidemiology and evidence-based care and policy, and the desire to extract useful health information from this data is a legitimate one.

However, it's clear that no one involved in the process gives a damn about privacy. These data-sets -- which will be sold on the open market to commercial operators -- are "anonymized" and "pseudonymized" through processes that don't work, have never worked, and are well-documented to be without any basis in reality.

And that's the thing that brings the whole enterprise out of the realm of legitimate scientific project and into the realm of corporatist hucksterism. Once the architects of this project announced that its privacy protections would be based on junk science, they lost any claim they had to operating in good faith.

Effectively, the managers of this programme have said, "We can't figure out how to protect the most private, potentially damaging facts of your life, so we're not going to try." It is pure cynicism, and it makes me furious. Read the rest

Dr Ben "Bad Science" Goldacre sez, "I did a really sophisticated and complex data visualisation. I think you might enjoy it. There's definitely a pattern in there, I just need to decide what statistical tests will best extract the signal from the noise."

Who is, and is not, invited to Cameron's emergency NHSbill summit? A data visualisation. Read the rest