According to the NHS website, I should not have needed to know my NHS number to register with a new surgery, and my old practice should have told me what my number is.The two receptionists I communicated with were not malicious, they did not want to get in my way or to be interrogated about their data privacy and security policies.We’ve also been talking about cyber security at events. A couple of the events we have spoken at were for the Cyber Security Challenge.In the coming months, we will be speaking in Sweden, Canada, the US, the UK, the Netherlands, Belgium and Austria (among many other places! As individuals, we have been supporters of the Cyber Security Challenge for many years and we are delighted to be official Affiliate Sponsors of the initiative going forwards.In the end, I did email the surgery and ask for my NHS number, as well as offering free consultation and training.I have not heard back, most likely because the recipient is paralysed over whether they can share my number via email or any means.I doubt they will take up the offer of free help, but I hope they do.
Too often data security and privacy approaches undermine people, when they should empower them.
Myself and FC have had many conversations about how frustrating it is that the industry is so fragmented when the problems are so interconnected. We’re bringing together our backgrounds in the human, technical and physical areas of cyber security to offer a more comprehensive and integrated approach to training, testing and talking about cyber security.
For the last few months we’ve been working with clients on behavioural and cultural-change training, penetration testing and various consultancy projects.
A policy that does not account for practicalities, that has been determined without consultation with the personnel who have to enact it; someone being told what they cannot do without being advised .
In trying to receive healthcare today, the policies of two GP surgeries acted as a blocker to me doing so.