Now That All Your Financial Info Is Available, How About Your Medical Data?
from the wonderful... dept
Yet another reminder that you really have no more privacy. If it wasn’t one of the many, many personal info data leaks this week, you now have to worry about your healthcare provider’s disgruntled employees revealing info as well. The details are a bit confusing, but a “disgruntled employee” at Kaiser Permanente put a bunch of confidential medical records on a blog in order to express her displeasure with the company. It sounds like she (or someone else) had also posted the info on an unsecured Kaiser website, as well as a personal blog. Kaiser found out about the blog in January, but waited until now to have it taken down. So, if there’s no way to protect your financial information or your medical information (or, you know, your shoe buying habits), isn’t it about time that a better system was created to deal with this data flow situation? David Brin’s ideas about information transparency start sounding more intriguing all the time.
Comments on “Now That All Your Financial Info Is Available, How About Your Medical Data?”
HIPAA Violation?
If this occurred in the U.S. it is almost certainly a violation of the Health Insurance Portability and Accountability Act (HIPAA) which can bring on not only criminal prosecution but some whacking big fines. I would love to see some serious prosecutions for egregious violations of HIPAA, because like any law it will only be meaningful if it has some teeth, and unlike some of our laws I think overall this one is a good one.
“Any person who knowingly obtains or discloses individually identifiable health information in violation of the Administrative Simplification Regulations faces a fine of up to $50,000, as well as imprisonment up to one year. Offenses committed under false pretenses allow penalties to be increased to a $100,000 fine, and up to five years in prison. Finally, offenses committed with the intent to sell, transfer or use individually identifiable health information for commercial advantage, personal gain or malicious harm permit fines of $250,000, and imprisonment for up to ten years. (emphasis added)” AMA HIPAA Violations and Enforcement.
As usual, money can solve this problem.
If you’re wealthy enough, just go to doctors that don’t take insurance, dentists that don’t take insurance, etc. Where I live (Palo Alto) there are plenty of these. Of course there is a risk: sometimes the hospital won’t give you quite as good service if you don’t have insurance.
But for the rest of us, this “solution” isn’t available.