Blog article
See all stories »

Password sharing in the National Health Service

Full story available at 

Investigators have been unable to trace a doctor involved a medical blunder that ended in a patient's death because staff in a Devon hospital had been sharing passwords. The doctor whose password was being used was not working at the hospital at the time. 

Password sharing in the NHS is said to be endemic partly because it has been reported that Login times could be as long as 10 minutes – whereas if everyone shares the same Login & Password for the shift, then with continuous access every minute or so no-one ever gets timed out. 

Bar & Restaurant Staff have to continuously have to Logon & Logoff from the Cash Register – but they achieve this in seconds using Tokens such as BarCodes or Magnetic Stripes. 

Why couldn’t the NHS give every Doctor & Nurse a Tesco Clubcard-style Badge on a Keyring, and they could swipe in & out that way in a matter of seconds – after all this really was a matter of life and death, and we don’t even know who was negligent. 


Comments: (1)

Stephen Wilson
Stephen Wilson - Lockstep Consulting - Sydney 03 June, 2008, 02:53Be the first to give this comment the thumbs up 0 likes

The inclination to share passwords is the bane of many policy wonks' existance.  It arises naturally when humble users seek work-arounds to improve their day-to-day workplace situation.  A culture of work-arounds is especially prevalent throughout healthcare technology (not just health IT) as smart professionals working in close teams with dozens of 'machines that go ping' strive to get the most out of their equipment and to compensate for all-too-common shoddy user interfaces. 

In the specific case of computer logon, we're all caught up in the transition from username+password to something smarter and more robust.  I am one of those that has great belief in smartcards, because of their power as holders and notarisers of personal credentials, and also because they are so intuitive.  We have all been trained for decades to pop a card into a slot, enter a password, and get things to happen.  It's the most natural form factor for computer logon (perhaps using contactless cards in many hospital settings, with or without PIN depending on the application concerned).  Response times in smartcard log-on should be near instantaneous. The practical deployment of systems like Sun Rays is encouraging, where telecommuters enjoy added features like session portability, which is a huge benefit in healthcare.

The dreadful logon delays in the new NHS systems I think has something to do with the centralisation of healthcare professionals' credentials.  There is a two-stage process of first identifying a user, followed by extracting their authorisations from a central repository.  IMHO credentials are better secreted in the smartcard, notarised by digital signature, so that remote systems can rely on their 'pedigree' without referring in real time to central mission critical gateways that must be engineered with stupendous availability and bandwidth so as to limit bottlenecks.


Stephen Wilson.


Keith Appleyard

Keith Appleyard

IT Consultant

available for hire

Member since

17 Aug 2007



Blog posts




This post is from a series of posts in the group:


A place to share stuff that isn't at all fintec related but is amusing, absurd or scary.

See all

Now hiring