This appeared last week.
Standards lag creates ‘a cyber minefield’
12:00AM July 26, 2022
Australia is at risk of falling behind in the development of standards for new technologies, according to a milestone report that says doors are being left “unlocked” for cyber criminals to harvest data and steal the identities of Australians.
The report by national standards body Standards Australia said Australia had a lot of work to do in setting standards for emerging technologies and the nation’s “future prosperity” depended on keeping ahead of the curve.
Standards refer to voluntary documents that set out guidelines that aim to ensure products, services and systems are safe, consistent and reliable.
“With the rapid emergence of new technologies, standards drive innovation and competitiveness in these fields in Australia while also helping ensure responsible and secure use of the technologies,” the report said.
In the past five years, Australia has adopted just one such document for artificial intelligence, eight for the internet of things, one for cloud computing and nine for smart cities.
Of the 138 international “information security, cybersecurity, and privacy protection” standards developed, Australia has adopted just nine.
Ian Oppermann, NSW Chief Data Officer and co-author of the report, said this was because of the time taken to consider each standard and whether it was appropriate in the Australian context, and a reticence to adopt standards that were seen as “slowing down” technological progress.
“There’s always the view that standards slow things down, so when it comes to emerging technology, there’s a hesitancy to get involved from people who want to get on with things and create that new technology,” he said.
More here:
Here is an intro and link to the report:
Standards Australia releases its Iconic Nation Report
02 May 2022
More here:
https://www.standards.org.au/news/standards-australia-releases-its-iconic-nation-report
What is rather worrying is that there seems to be no Standard Australia activity in the last few years in the Digital Health / e-Health and it does not seem there is much going on with IT-14.
This page seems to have not much going on:
IT-014 : Health Informatics
Obsolescent (2)
Superseded (5)
Standards by this Committee
Designation |
Title |
Implementation of Health Level Seven (HL7) Version 2.4 - Patient administration |
|
-----
https://www.standards.org.au/standards-catalogue/sa-snz/health/it-014?status=superseded
It is not clear what has happened next!
What work is happening now is under the auspices of HL-7.
You can read what they are doing to hold up the effort here:
It is to be hoped that the ADHA is providing the support to keep this basically volunteer effort going after Standards Australia seems to have vacated the field!
The bottom line is you want info on Digital Health Standards then HL-7 team linked above are the go to people!
Standard are vitally important in Digital Health and I am not convinced there should not better and more formal arrangements that are guaranteed to be current, responsive to need and fit for purpose.
Maybe a job for the new Federal Health Minister to get across what is happening and make sure it is all properly supported or there might be some worrying issues arise!
David.
6 comments:
While Standards Australia waits for new standards to come rolling in, they might want to spend the time improving their own.
The high level of hoop-jumping that has to go on when purchasing and opening an existing Standard is ridiculous. In the health field it wastes the time of librarians, IT departments, and health professionals themselves. An insane amount of jiggery-pokery and installing of extensions and permissions and blah blah blah goes on before the thing can be opened, and then it can't be opened again, or it can't be saved, or can only be opened on the first computer that opened it, or it might self-destruct in 48 hours never to be seen again.
Just send us a PDF, one that we can open, print, save, and pass on to those who need it, ok?
Standards Australia are hardy “waiting for new standards to roll in”. EHealth is a tint section and one that proved to much bother. They are well within their rights to publish standards in a way that ensures those standards being used are the most up-to-date. The health department did the damage, and the PCEHR/MyHR and, to some extent, ADHA should be taken up with them, not standards Australia. You will find those responsible still hold various positions in ADHA, AIDH, or as special advisors. Take care, though. These same people issue legal letters to this blog and standover tactics to others wanting to hold digital health events.
I believe issues related to standards can be addressed in the Frank and Bernie show
AnonymousAugust 12, 2022, 3:31 PM - an odd rant - I think your beef is an organisation that puts in place controls to protect its being, and IP and your other underlying vent seem more related to your own IT department policies and lack of applications.
I use digital editions, and have other publications like standards that use timestamp mechanism - yes, requires a step or two - it's hardly time-consuming (considering you work in government) or earth shattering - you could say the same about MFA, or Probably closure to your heart - privacy rights.
Perhaps you should consider contributing your time and expertise to the standards community rather than pilfering their IP
My "beef" is not with controls to protect IP per se, nor am I attempting to "pilfer" the IP. It's the layer upon layer upon layer; it's obstructive. Ordinary users don't seem to be able to get a grip on it; even when they get IT involved it still may fail. I've not had a problem with it personally, but others are working under different conditions, and I watch them flail (I can't do it for them, different organisation). It seems an unnecessary barrier to information.
Just send us a PDF, one that we can open, print, save, and pass on to those who need it, ok?
You must admit that statement does indicate that copyrights are irrelevant and the free exchange of intellectual property is fine and dandy.
Australian eHealth Standards were killed when the Health Department pulled funding to Standards Australia, seemingly after a few of us pointed out the errors in standards created by NEHTA/ADHA (I can't remember which word salad organisation was active at the time) They published them anyway, replete with breaking errors and I think they have long been filed away under the emergency toilet paper supply folder.
Not only did the health department kill the standards committees, they left the copyright with Standards Australia, including not yet published revisions and new standards in the pipeline. HL7 Australia had the rights to the US standards so we had to write completely new Australian HL7 standards based on the US version, but with all the localizations needed for Australia. (Volunteer work, just like with Standards Australia)
This has been done, balloted, published and revised since, but as there is no need for compliance in Australia they have not been used to the extent that they should be. Who needs compliance when you can modify every message on the fly to suite the errors at every endpoint! Only problem is that some errors cannot be fixed reliably, but its only vital patient data, what could possibly go wrong?
The Australian eHealth landscape has been held back by useless bureaucrats who seem to manage to gift multinational companies a few hundred million+ every year, but destroy the local standards process and make reliable interoperability difficult. They are not even trying to fix the problems, I think its more than not knowing how, although that's also a problem.
I guess its keeps us busy putting Band-Aids over gaping wounds every day, so maybe I should stop complaining?
Post a Comment