DoH Contradicts UK Government By Urging NHS To Drop IE6

For some unknown reasons, the Department of Health (DoH) has issued a statement over the need to move from Internet Explorer 6 that refutes the official stand of the UK Government taken last week in the House of Lords.

In a four page document (PDF here) entitled "Technology Bulletin: Microsoft Internet Explorer Security Vulnerability – 979352 – “Aurora", the Informatics Directorate from the DoH recommends moving from Internet Explorer 6 to the more secure Internet Explorer 7 but not version 8.

This might be because, Microsoft's latest browser hasn't been properly tested with the NHS's proprietary systems such as the CSA (Clinical Spine Application), part of the SPINE, whcih is the huge national database of patient medical records.

Interestingly, the NHS Head of IT Security approved the advisory report on the 21st of January 2010, a week before the Parliamentary Under-Secretary of State for the Home Office, Lord West of Spithead, replied to Lord Avebury saying that the UK government considers that "there is no evidence that moving from the latest fully patched versions of Internet Explorer".

Authors of the document warned that "If an organisation has systems compromised via this vulnerability, there may be consequential reputational damage, especially if sensitive data is affected or the compromised system is used to attack other systems."