Charles Stanhope

Charles Stanhope at

I hope they succeed. From page 25 of their slide deck:
  • Windows 10 sends data to Microsoft in over 30 ways (incl raw keystrokes)
  • This can be over-ridden in your org - but it is extra work, and not easy
  • Third party / home PCs accessing NHSMail, VPNing into trust systems are beyond organisational controls, and may leak data, so as we develop wider data sharing, it will be impossible to prevent keystrokes being sent to Redmond, WA, USA.
Put together these facts mean:
  1. You may not be able to stop privacy-critical PID keystroke data being sent to Microsoft via Windows 10 PCs
  2. You need to think hard about whether Windows 10 is fit for the NHS.