Bonum Certa Men Certa

The ISO Delusion: Sirius Open Wash Ltd. and Medical Data/Projects at Risk/Peril

The International Organization for Standardization (ISO) certification process means almost nothing. It's just a glorified brand. Deep inside many people and organisations know it.

Dilbert on ISO
Dilbert on ISO 9000 Certification in 1996 (there are also 21 for ISO 9001)



Summary: Sirius 'Open Source' was good at gloating about "ISO" as in ISO certification (see our ISO wiki to understand what ISO truly is; ISO certification needs to be more widely condemned and exposed) while signing all sorts of dodgy deals and lying to clients (some, like the Gates Foundation, were never mentioned because of a mysterious NDA); security and privacy were systematically neglected and some qualified as criminal negligence (with fines/penalties likely an applicable liability if caught/reported)

THE past few days were spent explaining ISO certification in relation to Sirius. The next few days will be spent giving an example or a sub-set of examples of how Sirius handled sensitive data. It probably hasn't improved at all since I left last month.



For some essential background, Sirius Open Source Inc. (not SIRIUS CORPORATION LIMITED) was grabbing Gates Foundation money back in 2019 -- all this while registering in the US for this "first US client", letting Windows users who adore surveillance get involved in decision-making while outsourcing more and more of what's left of the company to dubious companies with NSA connections.

"While I'm not going to report this as a former insider, I do wish to explain what's at stake here, at least as a cautionary tale."The problem here is that Sirius had British clients with their clients' data on the systems. Some was medical data. What does the law say about access from another country and why was Google (American company) getting/drowning in legal hot waters for involvement in the NHS?

What's more, it's not clear if ISO 9001 certifiation allows personal computers at home, purchased and maintained by staff along with many other uses and applications, to be used as work machines (deemed "Secure"? Really???). Remember that, as we noted repeatedly in the past, the managers never bothered supplying the staff with anything; the company does not even provide a chair and a desk, as already explained in length here (mostly back in December). Did that pass muster at ISO's cash register (ISO just wants the money)?

"ISO doesn't care; it has no quality control of its own; its workers are like corporate staff and they might not even care anyway; they got the money, and that's what's important to ISO."Well, maybe in the ISO forms the company can pretend that those computers were supplied by the company to staff when in fact the staff receives almost nothing from the company except a very old phone (Cisco-branded, Ethernet only; maybe 2 decades old).

While I'm not going to report this as a former insider, I do wish to explain what's at stake here, at least as a cautionary tale. ISO doesn't care; it has no quality control of its own; its workers are like corporate staff and they might not even care anyway; they got the money, and that's what's important to ISO. Many questions remain, e.g. which actual shell was the certification for? Do they realise they deal with a hydra or a polymorphous entity here (some of its shells are based in another continent, without actual boundaries within the company)? Even the pension schemes seem to be struggling to keep track and they need to be lectured on how the company splits and then illegally compels staff to sign papers without legal advice (nor proper understanding), as we noted here before. It was covered a lot roughly one week ago.

"To be clear, NHS was not a client, except indirectly (contractors)."And sure, many lessons are to be learned outside the company, too. If regulators could find E-mails, they would not struggle to see incriminating stuff (we plan to add examples to the wiki), including NHS medical data "oopsies" (admission on the record, too), even for people do not consent to data sharing. ISO probably doesn't care. As we said several times already, ISO only cares about money. With 'anonymisation' not working, accidents aside, there's a big scandal brewing under the surface, but then again the privatisation of the NHS would likely misplace the blame. The media has several examples of known incidents and it's a very big deal because the NHS has been pushing towards it, moreover offering to send some of this data abroad.

To be clear, NHS was not a client, except indirectly (contractors). But if someone wishes to find some major scandal/blunder, we welcome further investigation, i.e. people can do what ISO 'cannot' do because it would discredit ISO.

"There are 2 problems to track," an associate noted, "one is the scam of the ISO 9000 certification. The other is the destruction of ISO as an organisation by Microsoft."

Recent Techrights' Posts

Once Again Linux Foundation Makes It Clear It's Being 'Absorbed' by Bill Gates
Linux Foundation devotes about 2% of its budget to Linux
Links 08/10/2024: Australian Fines for Twitter (X), Fake Patent Courts Still Not Scuttled
Links for the day
World Wide Slop
If it quacks like a duck...
[Meme] Driver Issues
Where do you want to drive today?
 
Gemini Links 09/10/2024: Retroware and gmlgcd 2.0
Links for the day
Links 09/10/2024: Microsoft's Surface Duo 2 Officially Dead, X/Twitter Shutdown in Brazil, and "OpenAI Is A Bad Business"
Links for the day
Technology: rights or responsibilities? - Part III
By Dr. Andy Farnell
[Meme] Bill Gates With a Side of "Linux"
Linux Foundation is trolling us with Bill Gates
IBM is a Boys' Club
If IBM collapsed, the Red Hat engineers who work on GNU and Linux would simply work elsewhere (on the same projects)
The Miserable State of GAFAM
Looking for government handouts
Microsoft is Acting Like a Company That's Running Out of Money (But Still Pretends to be Wealthy in Order to Attract or Retain Shareholders)
Azure has had mass layoffs every year since 2020, yet Microsoft keeps telling shareholders that "clown computing" is growing
Dr. Andy Farnell's Article on Societal Disorganised Attachment and the Role of Social Control Media
The article is quite long and typos were still being fixed as recently as last night
Smear Alert: Linus Torvalds Asking for Better Commit Messages Makes Linus a (Grammar) Nazi
Maybe the "mainstream media" is looking for clickbait or maybe it's actively looking to make a scandal - a phony controversy with which to make the job of coordinating Linux unpleasant
Gemini Links 09/10/2024: Climate Doom and Clagrange
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 08, 2024
IRC logs for Tuesday, October 08, 2024
Dr. Andy Farnell's Article on Why Passwords Still Rock
"Seven for a secret never to be told"
The Problem Isn't That New Cars Use Electricity But That They Use Too Many Bits of Electronics
"...and proprietary software wrapped in proprietary APIs and protocols all without a modicum of compartmentalisation," an associate adds
We're Turning 18 in 30 Days
30 days from now the site turns 18
GNOME Foundation Says It's Nearly Broke (Again), It's Getting Rid of More People (Only Women Get the Boot), and It Will Improve Communications and Transparency Even Though It Secretly Ousts People From the GNOME Foundation Board (for Secret Reasons)
It only talks about this months later (under strict gag orders, only public shaming of a person)
Gemini Links 08/10/2024: Guilt by Association, Workers vs Owners
Links for the day
Links 08/10/2024: War Updates, Samsung's Layoffs, and Gemini
Links for the day
Another Dose of Fake 'Articles' About Linux
Don't give visibility to the nonsense of Microsoft
Links 08/10/2024: Microsoft Deleting Office Documents Instead of Saving Them, "Threads Still Sucks"
Links for the day
gemini.techrights.org and techrights.org (Same Server, Not the Same Protocol)
We're reminding readers that everything in this site is fully accessible via gemini.techrights.org in Gemini Protocol
X Has Axed Itself. This is Great News and Further Affirmation of Everything We've Said About Social Control Media.
Don't waste any more time on social control media
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, October 07, 2024
IRC logs for Monday, October 07, 2024
Gemini Links 08/10/2024: Contingency Begets Complexity, Playing With Bezier Curves
Links for the day
Almost Half the Web Users Connecting to Your Site Are Using Linux
almost 1 in 2 Web-connected devices runs Android and about 2% run "proper" GNU/Linux
The Web Has Severe Amnesia Problems, But We Still Remember How Gilberto Gil Promoted Free Software in Brazil
The Digital Tipping Point (DTP) is years behind us now
Synthesised Voices Aren't a New Technology (the Hype Might Be, They Call It "Hey Hi" Now)
I still consider this an extension of the "hey hi" (AI) hype
LLM Hype is Already Descending, Apple Stopped Investing in the Money Furnace
Wall Street is a perverse force in the technology market, incentivising the most harmful (and mostly useless) things
Change Control and What Will Come After Git (If That's Still Possible at All)
It would be wrong to believe (at least misguided) Git can be a "standard" skill 30 or 50 years from now.
On the Web, HTTPS Has Actually Become a Privacy Problem (Broadcasting Usage/Access to the All-Seeing CA Eye). Geminispace Doesn't Have This Problem.
Down to 23 capsules: the rapid demise of Certificate Authority (CA) Let's Encrypt in Geminispace
Links 07/10/2024: Politics, Education, Wars, Financial Crunch
Links for the day
Munich Was Having Real Difficulties Moving From GNU/Linux to Windows
How many are still using GNU/Linux?
Links 07/10/2024:China’s 'Deflation' (Price Decreases), Brazil Still Bars Twitter ("X")
Links for the day
Links 07/10/2024: "Creative Computing" Turns 50, Long War in Middle East Turns 1
Links for the day
Gemini Links 07/10/2024: Luck and Dishonesty, Gaming Getting Worse
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, October 06, 2024
IRC logs for Sunday, October 06, 2024