[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

Miscellaneous

26K

Solutions

21K

Contributors

A miscellany is defined as a "collection of various pieces of writing by different authors", but it has come to mean something "Of items gathered or considered together of various types or from different sources" or "a collection or group composed of members or elements of different kinds". The word "miscellaneous" comes from the Latin word "miscere", meaning "to mix." You might have heard the expression "a mixed bag," which applies when you don't quite know what you're going to get. More commonly, a miscellaneous group is made up of an odd group of things that don't fit anywhere else.

Share tech news, updates, or what's on your mind.

Sign up to Post

Being too curious can sometimes get you into big and costly trouble.
0
LVL 39

Expert Comment

by:BillDL
Comment Utility
Although it is not detailed in your article, nor on the Information Commissioner's Office pages linked to, I assume the named people accessed patient records using computers rather than looking at hardcopy records.  That's the only real way that multiple instances of access could realistically have been logged.

I wonder whether the National Health Service (or any of the affected Health care Trusts) have actually placed any restrictions on who is permitted (and I refer to user account status here) to gain access to various areas of their IT databases in the wake of these breaches?

The main subject of your article, namely Clare Lawson, was a Staff Nurse. In such a position there would normally be a Charge Nurse (equivalent to Supervisor in other vocational disciplines) above her on that ward and also a Matron or Sister (a "Manager" nurse) covering that ward and perhaps others.  It isn't known from the available information whether any staff of those ranks would consistently be on duty at the same times as the subject, but if they were then they are the supervisory members of staff who should have access to patient records, not the standard nursing staff.  There may be some situations, however, where a Staff Nurse could have been in charge and therefore may have required legitimate access to records during a shift.  This is not to say that even a higher ranking member of nursing staff may be tempted to excessive and knowingly wrong patient record accesses, but keeping permission to those of a certain ranking and above would reduce the likelihood.  

The second subject (Nicola Wren) was an Administrator and it is possible that in such a position whe would have have required access to patient records.  There isn't much that could be done by way of restriction in such a case, but it looks as though this woman was frequently checking for updates in records relating to a friend, acquaintance, or relative over the 3 week period.

There is absolutely no reason why the third subject, Marian Waddell, should have had access to patient records held in computer databases because she was a Nursing Auxiliary.  This position is sometimes referred to by the title "Healthcare Assistant".  Often these positions are occupied by ex-nurses or midwives who returned to healthcare after long periods of absence during which their qualifications lapsed.  They are either part-qualified or unqualified "nurses".  I'm not saying they don't know what they are doing, because some know more than doctors or nurses, but their duties are restricted.  Again though, the ICO web page relating to Marian Waddell does not specify whether she accessed a computer record or a hardcopy record.  All it says is that she accessed the records of one patient.

What I am most curious about is the statement made by the Director of Investigations for the ICO:
"This abuse of a position of trust has caused significant distress to a number of people".
Obviously there would be some distress caused to fellow nursing staff who might feel betrayed and let down by a colleague's actions, but were the patients themselves informed about the unlawful accesses of their records?
0
LVL 5

Author Comment

by:Adrian McGarry
Comment Utility
Thanks for the comments BillDL.

I agree, this must have been captured via computer security audit logging, but is not the sort of detail that was released by the ICO.

We would all hope that appropriate measures are taken for securing highly sensitive information, such as patient records, especially in large organisations such as the NHS in the UK.

Unfortunately (& I am going to link this to information security lapses, like with the Wannacry incident) it is very apparent the NHS is not a good example for information security and data governance.

Even this week we have seen the reports of how much Wannacry cost the NHS https://www.google.co.uk/amp/s/www.zdnet.com/google-amp/article/this-is-how-much-the-wannacry-ransomware-attack-cost-the-nhs/ £92m.  How much would it have cost the NHS to deploy a 0-day threat system to protect against this and countless other malware attacks, let alone the human cost of this malpractice.

You really only need to prove this by looking at the UK ICO https://ico.org.uk/action-weve-taken/ to see how many NHS trusts have been involved in action enforcements.

And is this any different for other countries?  This article covers recent Australian data breaches within the healthcare system http://www.mondaq.com/australia/x/743342/data+protection/Data+breaches+on+the+rise+in+the+health+sector

We see far too many organisations with very bad practices, poor security and no training for staff.

To teach basic security skills, providing training to all employees is common-sense, which is why I write about this subject, train people and organisations about this subject and sometimes can get very emotive about data protection and security.

Does this make me a bit geeky about this subject, maybe!  But there is a human cost to this.  Not only with these NHS examples but with each data breach that occurs because of negligence, malpractice and just plain incompetence, it’s unnecessary and can be stopped by raising awareness.
0
Become a CompTIA Certified Healthcare IT Tech
LVL 12
Become a CompTIA Certified Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

Article Header
A discussion about the billing practices of IT Support contractors and my ideas of what is fair and what is not!
3
LVL 98

Expert Comment

by:Lee W, MVP
Comment Utility
It's important, in my opinion, to state from the onset, that repairs billed by the hour could quickly exceed the value of the PC.  If I can't fix a machine in 30-60 minutes, I give the client the option of a complete reload or buying a new machine... but you also have to keep in mind, it's not JUST the cost of the hardware and to a lesser extent the software.  There's configuration and data migration.  If they want things EXACTLY the way they were before, add that to the cost of a new PC and fixing the old one, even when the total charge is as much as a new physical computer, it may prove considerably cheaper.  (You buy a new house and the expenses don't stop there.  Now you often spend at least a little on "upgrades" and customizations - paint, carpet, new appliances, the move in costs... etc.... house costs $200000... but you then spend $20000 more on incidentals/extras
1

Expert Comment

by:Brighton Davies
Comment Utility
Brilliant write-up – completely agree with your thoughts on transparency. Can’t tell you how many times I got ripped off by subpar support b/c they weren’t upfront about knowledge/rates/etc. I’ve learned to take care of a lot on my own (Google FTW) but when I need an expert eye/opinion mustardit.co.uk doesn’t let me down or charge ridiculous fees.
0
There is a very good article here on Experts Exchange on the 5 Reasons you should NOT fix a computer for free. That article is both articulate and for the most part true. But the other side is worth stating. Here is my experience...
1
Unfolding Roadmap to Success for your Startup!
We must learn what customers really want, not what they say they want or what we think they should want. -Eric Ries: Author of Lean Startup
0
Technology has revolutionized how we create, share and comment on information. So does that mean that there are new ethical standards for information within the digital age? Read on to find out!
0
Confidence
Confident people attract everything that is good in this world, and they will also attract other confident people because of the law of attraction, together achieving success. Good luck on your path!
0
gdpr
As of May 25th, 2018, the GDPR is binding on all businesses and organisations. Here are the main procedures and best practices to apply. Otherwise there will be heavy fines.
0
Password Managers
This is the conclusion of the review and tests for using two or more Password Managers so you don't need to rely on just one. This article describes the results of a lot of testing in different scenario's to reveal which ones best co-exist together. Enjoy...
2

Expert Comment

by:Otto Didact
Comment Utility
Thank you, Andrew Leniart;

Parts 1 & 2 of both of these articles were excellent.  

I actually like the idea of being able to carry around or safely stash a flashdrive as a alternate vault for passwords.  Being able to plug a USB stick into Laptop`s USB port & gain access through whatever gateways, even without WiFi, Bluetooth, Ethernet cables, &/or cell service & unlimited data minutes for an Internet connection seems like a beneficial advantage to me.  I as yet have never used a password manager, though have been following reviews their use for several years now, but then have usually felt they fell short of being applicable to how I & my wife would use them.  I especially like your innovation in deciding to redundantly use two password managers together.  

I think your article was the first time that any reviewer mentioned being able to print or save all of one`s passwords as a PDF, though for the purpose of keeping it with my passport doesn`t seem like a good idea, but in a safe deposit box, or in an other such safe place does.  And so does saving it to a USB thumbdrive, to then be placed in a safe place or carried on one`s person as necessary.  Saving a copy to the cloud, where an operational version of one`s password manager exists at one`s beck & call, & for syncing different devices & browsers, seems unnecessary.  

I am still a bit consternated by them not working with Microsoft Edge (is this the fault of the password manager industry or that of Microsoft), & with them not being able to figure out how to autofill or sign in on some login situations.  The latter especially sounds like someone needs to assign some set of universal criteria for login methodology, for both the password managers & the password  requiring gateways to adhere to in order to operate efficiently together, for the sake & necessity of the users of password managers, & of the sites & applications that rightly require security precautions.
1
LVL 23

Author Comment

by:Andrew Leniart
Comment Utility
Hi Otto,

Parts 1 & 2 of both of these articles were excellent.

Firstly, welcome to Experts Exchange and thank you for reading my articles and especially for your kind comment! I'd be grateful if you could take a moment to endorse the articles by clicking the thumbs-up icon right underneath the end of them :)

I actually like the idea of being able to carry around or safely stash a flashdrive as a alternate vault for passwords.  Being able to plug a USB stick into Laptop`s USB port & gain access through whatever gateways, even without WiFi, Bluetooth, Ethernet cables, &/or cell service & unlimited data minutes for an Internet connection seems like a beneficial advantage to me.

You're not the only one. Others have expressed the same desire, yet the password developers seem to continue heading in the direction of making your vault fully available to you in a browser on their website instead. RoboForm is a typical example that moved away and dropped support for exactly what you prefer doing. I see that as a huge responsibility on the developers part, so it's important to consider who you are going to trust with the storage of such sensitive information.

That said, the only way I can see of influencing password manager developers is to continue showing them there is still a need for this type of technology and function. Keep giving them feedback - if they get enough of it, they may just start to listen.

I as yet have never used a password manager, though have been following reviews their use for several years now, but then have usually felt they fell short of being applicable to how I & my wife would use them.

You make an interesting comment. Obviously, I'm one of those that always recommends the use of Password managers. In my field of work, far too often I see people using the same password on multiple websites (and confess I've been guilty of that myself at times) and still frequently see real-life examples of sensitive password information being stuck to monitors via sticky notes, in totally unsecured spreadsheets or on a piece of paper laying on a desk or in a drawer. I'm not just talking about your average home user here either. I support many Accounting and Legal Firms who I've still noticed doing things like that. Basic human nature tendencies kick in, regardless of educational and professional achievement levels.

Everyone has unique requirements, so I'd be genuinely interested to hear "how" the variety of password managers fell short for your particular circumstances?

I especially like your innovation in deciding to redundantly use two password managers together.

Thank you so much. I've actually been doing that for years because I could never find a single solution that wouldn't break for me under one circumstance or another when a website changed its login steps. The use of two solved that, but the trick was finding two that could work together in harmony and not constantly fight one another for control of logging me into the websites I was visiting, or password protected applications on my computer. Currently, Roboform and Avast play very well together, but if I had to make a choice between the two, then I would probably keep the Avast solution. Despite the lack of features that Roboform offers, it seems to handle changed login pages far more effortlessly.

I think your article was the first time that any reviewer mentioned being able to print or save all of one`s passwords as a PDF, though for the purpose of keeping it with my passport doesn`t seem like a good idea, but in a safe deposit box, or in an other such safe place does.

Indeed, and you make an excellent observation that I perhaps should have clarified on a bit more. I would certainly never encourage people to save to PDF or even print out their passwords, but there have been times when that's helped folks out of a  jam. The capability is actually there in just about every password application I've tried, but I don't tend to encourage its use except under specific scenarios that a client may explain to me that they have.

And so does saving it to a USB thumbdrive, to then be placed in a safe place or carried on one`s person as necessary.

I do hope you have that USB thumb drive encrypted with a nice strong password in the event you ever lost it though? :)

Saving a copy to the cloud, where an operational version of one`s password manager exists at one`s beck & call, & for syncing different devices & browsers, seems unnecessary.

This again falls back to personal requirements and circumstances I think. For me, the option is invaluable, because I have a couple of laptops that I use when I travel, sometimes need to access my bank using my phone, or a website on an Ipad when showing a demo of a proposed solution to a client. Everything is available to me, all the time. But in order to have that luxury, I must trust that both Roboform and Avast will keep all my information secure - per my earlier statement.

In circumstances where such functionality isn't needed, such as perhaps yours, there is no need to use it just because it's available. There are functions in my Password managers that I simply ignore because I have no use for them. In fact, if "you" don't need cloud access to synchronize different devices and browsers, then you are in a somewhat enviable position of taking advantage of the freely available versions of those tools, where Cloud Synchronization is often offered as a "paid" feature.

I am still a bit consternated by them not working with Microsoft Edge (is this the fault of the password manager industry or that of Microsoft), & with them not being able to figure out how to autofill or sign in on some login situations.

A combination of both is my understanding. To have an application available as a plug into Microsoft Edge, it has to be vetted and approved by Microsoft first. How much work and/or expense this involves on the part of the developers I couldn't guess. But I am confident in one thing - from the feedback I received from all the password manager developers that were included in this review, all will at some point be updated to support Microsoft Edge. They will be forced to as the popularity of Microsoft's latest browser grows, if they want to retain their current userbase, subscribers and gain new ones over other competitive offerings.

The latter especially sounds like someone needs to assign some set of universal criteria for login methodology, for both the password managers & the password  requiring gateways to adhere to in order to operate efficiently together, for the sake & necessity of the users of password managers, & of the sites & applications that rightly require security precautions.

I don't believe it's so much as how to fill in the required information or security precautions, which would be a given. It's more about getting their application approved as a plug-in for Microsoft Edge, and subsequently even approved to be available on the Microsoft Store, strongly promoted in Windows 10. Again, this falls into how much effort is required to get past that vetting process. As I'm not a developer, that's something I'm not very familiar with.

My thanks for all of your feedback and comments Otto!

Regards, Andrew
0
Business Startup
Starting a business requires forethought, planning and preparation. As eager as you are to get started with business activities, you need to walk through a few important steps to ensure that your business gets off on the right foot.
0
By definition, working capital is the measure a company’s efficiency and its financial health from a short-term perspective. With the implementation of GST in India on July 1, 2017, the unorganized sector has to pay GST at various levels in order to redeem it themselves.
0
Python 3 Fundamentals
LVL 12
Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

Health Insurance Marketing
A recent study by Google illustrates that almost 84% of patients go for both online and offline sources for hospital research. What do you think, “Is the Healthcare Industry the next to be disrupted by Digital Marketing?”
0
ux-788002_960_720
Even though starting and growing a lucrative business while you’re still in college sounds impossible, it is actually quite conceivable. There are several reasons why this is the perfect time to start a new venture.
3
LVL 8

Expert Comment

by:Craig Kehler
Comment Utility
Great article. One of our employees who went to Cal Poly did just that and they were very successful. http://www.sanluisobispo.com/news/business/article39157704.html
0
Computer Science
There's never been a better time to become a computer scientist. Employment growth in the field is expected to reach 22% overall by 2020, and if you want to get in on the action, it’s a good idea to think about at least minoring in computer science and knowing how to code.
2
ML Machine Learning Fellowship
Machine Learning is one of the profound applications of AI and therefore, just like AI, it is surrounded by myths and fears. Check out these facts about ML that demystify the related myths.
0
The deadly train derailment that occurred recently in DuPont, Washington, raises a lot of questions. It was a new route, the first trip tested with passengers, and the train was travelling at 50 mph over the zone’s speed limit. Could IoT play a role in infrastructure safety and prevent tragedies?
0
LVL 1

Expert Comment

by:Harriet Tewksbury
Comment Utility
These arise many challenges during the IoT software development, and security is one of them: https://it-infrastructure.cioreview.com/cxoinsight/iot-new-challenges-for-software-programming-nid-24650-cid-130.html
0
Block Chain Technology
Blockchain technology enhances society similar to the Internet. Its effects are broad, disruptive, and will boost global productivity.
1
Password-Managers
Each password manager has its own problems in dealing with certain websites and their login methods. In Part 1, I review the Top 5 Password Managers that I've found to be the best. In Part 2 we'll look at which ones co-exist together and why it's often useful to use more than one.
11

Expert Comment

by:Jorge Carretero
Comment Utility
Great Article !!!!

But when it comes to Security i think Linux is the king, so i recommend this solutions.-
https://www.lastpass.com/es
LastPass supports also Linux and has better security, if you are too paranoic the second option.-
https://keepass.info/
May be your solution, but its harder to configure and maintain, in the past i only used Firefox master password, so maybe my advice is not so good.
Good Luck.
0
LVL 23

Author Comment

by:Andrew Leniart
Comment Utility
Hi Jorge and thank you for your comments about my article.

The problem with your recommendation about lastpass is that it's owned by LogMeIn - a company I will now be avoiding like the plague because of the way they treated both their paying and nonpaying customers recently in just dropping the Xmarks bookmarks manager like a hot potato.

To see what I'm talking about, see the thread still getting comments here:

https://www.experts-exchange.com/questions/29092048/Alternatives-to-the-Xmarks-com-Bookmarks-Synchronization-Service.html

You're welcome (in fact encouraged) to contribute your thoughts to the above thread.

I didn't much like Lastpass as a solution before, but after what LogMeIn recently did after taking over Xmarks, I would no longer consider any solution that they have any control over -  and that's coming from someone who used their LogMeIn Rescue product at a cost of about $1,000 a year for nearly 10 years.

Their killing of a solution that so many were enjoying (and subscribing to use Pro features for) without any decent explanation is bound to hurt them in the long run imo and I'll discourage anyone who asks about any LogMeIn solution in the future for that reason.

Avoid using LastPass - who know's when it will just disappear, just like Xmarks did, when logmein decides they don't want to play anymore?!

Cheers...

Andrew
0
Technology: Cure or Curse
Cyberspace is the new townsquare. Does the change from a physical space to a digital space spell doom and destruction or growth and prosperity.
0
Win 10 - Audio Problem
It is a real story and is one of my scariest tech experiences. Most users think that IT experts like us know how to fix all computer problems. However, if there is a time constraint and you MUST not fail the task or you will lose your job, a simple task might turn out to be your scariest experience.
3
OWASP: Avoiding Hacker Tricks
LVL 12
OWASP: Avoiding Hacker Tricks

Learn to build secure applications from the mindset of the hacker and avoid being exploited.

In this article, I’ll show how research, determination, and use of modern technology helped me solve a DNA mystery.
7
This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
3
"Robot cyborg open palm, polygon Brain, grow future artificial intelligence".
As computers become more powerful, jobs will be replaced with artificial intelligence, leaving no place in the future for humans in the workforce. In the oncoming technological revolution, the staggering change to human mind labor will prove the skills of a programmer to be vital.
2
ScamAlert
An introduction to the wonderful sport of Scam Baiting. Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
21

Expert Comment

by:Tom Crawford
Comment Utility
Thank you Andrew, hope to put  to good use and enjoyment.
Tom.
0
LVL 23

Author Comment

by:Andrew Leniart
Comment Utility
Thanks for the comments and endorsements Andrew and Tom, very much appreciated and help me out.  I'm glad you both got some value of the article.

Regards,
Andrew
0
Gift cards are not a new concept - it's been around for a very long time.  Undoubtedly, over the past you have received such a card or purchased one for a friend or relative.  Are you aware that you've been feeding the machine?  If not, read on :)
0
Digital marketing agencies have encountered both the opportunities and difficulties that emerge from working with a wide-ranging organizations.
0

Miscellaneous

26K

Solutions

21K

Contributors

A miscellany is defined as a "collection of various pieces of writing by different authors", but it has come to mean something "Of items gathered or considered together of various types or from different sources" or "a collection or group composed of members or elements of different kinds". The word "miscellaneous" comes from the Latin word "miscere", meaning "to mix." You might have heard the expression "a mixed bag," which applies when you don't quite know what you're going to get. More commonly, a miscellaneous group is made up of an odd group of things that don't fit anywhere else.