Having spent much of the IT/security phase of my career in medical
informatics and health care, I tend to get asked a lot about IT security
issues relating to the U.K.'s National Health Service (NHS). (The last
time I worked there I ran something called the Threat Assessment Centre,
though that doesn't exist anymore.)

Most recently, I got an enquiry from Kevin Townsend, who came across a press release
announcing that a company called TPP was working on an Android app to
allow users of its SystmOne system to access and update patient records
when they're at home or out and about in the community, using 3G or
Wi-Fi. Administratively, of course, there are many advantages to both
the health care professional and to the patient in centralization of
(and easy access to) records. But leaving aside libertarian concerns
about increased opportunities for 1984-style government, there's
an obvious need for rigorous management of privacy and security in such
centralization. As described in that release, it sounds as if TPP's approach is
totally reliant on a single-factor username/static password pair:

"Access to the app would be through the user's usual username and
password, meaning no one could use the app unless they were already a
SystmOne user."

Let's assume that SystmOne passwording is managed rigorously (I'm not in
a position to evaluate it first-hand), with enforcement of sound
password selection, [n]-strikes-and-out restriction of login attempts,
password aging and so on. Who selects the device? Not, it seems, the
provider, but the customer. It seems all too unlikely that
resource-starved health care organizations will prioritize security over
cost (not that paying more guarantees better security, of course) in
the initial choice of device, let alone in configuration (local
PIN/password, central access within the organization). And that's before
we think about the security problems that are already all too obvious
on Android...
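To make the assumption in the previous paragraph concrete, here is an added example (not TPP's code and nothing to do with how SystmOne actually works) of the server-side controls it lists: salted password hashing, an [n]-strikes-and-out lockout and password aging. The policy values (five attempts, a fifteen-minute lockout, a ninety-day maximum password age) and the account names are hypothetical. Note what it does not do: it still authenticates on a single factor, so it illustrates what "managed rigorously" buys you and no more.

```python
import hashlib
import hmac
import os
import time
from dataclasses import dataclass

# Hypothetical policy values for this example, not TPP's or SystmOne's settings.
MAX_FAILED_ATTEMPTS = 5                    # "[n]-strikes-and-out"
LOCKOUT_SECONDS = 15 * 60                  # how long the account stays locked
MAX_PASSWORD_AGE_SECONDS = 90 * 24 * 3600  # password aging
PBKDF2_ITERATIONS = 200_000


@dataclass
class Account:
    salt: bytes
    pw_hash: bytes
    password_set_at: float
    failed_attempts: int = 0
    locked_until: float = 0.0


def _hash_password(password: str, salt: bytes) -> bytes:
    # Slow, salted hash so a leaked store cannot be cracked cheaply.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


class CredentialStore:
    def __init__(self, clock=time.time):
        self._accounts: dict[str, Account] = {}
        self._clock = clock  # injectable so tests can advance time deterministically

    def create(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self._accounts[username] = Account(salt, _hash_password(password, salt), self._clock())

    def change_password(self, username: str, new_password: str) -> None:
        acct = self._accounts[username]
        acct.salt = os.urandom(16)
        acct.pw_hash = _hash_password(new_password, acct.salt)
        acct.password_set_at = self._clock()

    def login(self, username: str, password: str) -> str:
        """Return one of 'ok', 'bad_credentials', 'locked', 'password_expired'."""
        now = self._clock()
        acct = self._accounts.get(username)
        if acct is None:
            # Burn the same hashing cost for unknown users so timing does not reveal
            # which usernames exist.
            _hash_password(password, b"\x00" * 16)
            return "bad_credentials"
        if now < acct.locked_until:
            # Checked before the password so a locked account reveals nothing
            # about whether the supplied password was right.
            return "locked"
        if not hmac.compare_digest(_hash_password(password, acct.salt), acct.pw_hash):
            acct.failed_attempts += 1
            if acct.failed_attempts >= MAX_FAILED_ATTEMPTS:
                acct.locked_until = now + LOCKOUT_SECONDS
                acct.failed_attempts = 0
            return "bad_credentials"
        acct.failed_attempts = 0
        if now - acct.password_set_at > MAX_PASSWORD_AGE_SECONDS:
            # Correct password, but the aging policy forces a change before use.
            return "password_expired"
        return "ok"


if __name__ == "__main__":
    store = CredentialStore()
    store.create("nurse1", "correct horse battery staple")  # constructed sample account
    print(store.login("nurse1", "wrong"))                     # bad_credentials
    print(store.login("nurse1", "correct horse battery staple"))  # ok
```

The clock is injected rather than read directly so that lockout expiry and password expiry can be exercised without waiting; in production the same interface would be driven by the real clock and the lockout state kept somewhere that survives a restart.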