Tag Archives: Medical Privacy
Who’s looking at your DNA data? California lawmaker introduces genetic privacy bill
Andrew Sheeler, Sacramento Bee – Feb. 14, 2020. A proposed California law would prohibit DNA testing companies like Ancestry and 23andMe from sharing customer DNA information with outside parties without their consent. https://www.sacbee.com/news/politics-government/capitol-alert/article240227106.html
The Secret Documents That Detail How Patients’ Privacy Is Breached
by Charles Ornstein, ProPublica
The top five categories of complaints in 2014, according to the Office for Civil Rights website, were impermissible uses and disclosures, safeguards, administrative safeguards, access and technical safeguards. Read More ›
Health Gadgets And Apps Outpace Privacy Protections, Report Finds
by Charles Ornstein, ProPublica
The Health Insurance Portability and Accountability Act, the landmark 1996 patient-privacy law, only covers patient information kept by health providers, insurers and data clearinghouses, as well as their business partners. Falling outside the law’s purview: wearables like Fitbit that measure steps and sleep, at-home paternity tests, social media sites, and online repositories where individuals can store their health records. Read More ›
AB 2688: Health ‘Privacy’ Bill Would Unleash Information Sharing
6/28 update: AB 2688 was approved in the Senate Judiciary Committee today. Voting in favor of the bill – and against consumers’ interests – were all of the panel’s Democrats: Chair Hannah-Beth Jackson and Senators Robert Hertzberg, Mark Leno, William Monning and Bob Wieckowski. The committee’s two Republicans, Vice … Read More ›
The Risk On Your Wrist: Are Hackers Targeting Your Wearables Data?
by Donal Power, ReadWrite.com
“Health care providers and health plans have a gold mine of information that criminals can monetize – such as SSNs, health insurance information, and general health information,” [said an attorney focused on privacy and data protection]. … “The most concerning finding was to see that hacking/phishing/malware was the leading cause of incidents last year, especially the increase we saw in health care incidents,” [she] said. “We could feel the tide begin to turn in 2014, which continued into 2015. However, with the number of incidents we handle, it was surprising to see that was the leading cause.” Read More ›
Employee Surveillance: Business Efficiency Vs. Worker Privacy
by Thomas Claburn, Information Week
“Now, with the advent of almost ubiquitous network records, browser history retention, phone apps, electronic sensors, wearable fitness trackers, thermal sensors, and facial recognition systems, there truly could be limitless worker surveillance,” [a forthcoming California Law Review paper] says. … The authors argue that workplace surveillance has moved beyond a legitimate interest in productivity to shaping individual behavior. As examples of this trend, they cite productivity apps and corporate wellness programs. Read More ›
What’s Our Health Data Worth?
by Jerry Beilinson, Consumer Reports
Medical records shared among doctors and hospitals are covered by HIPAA, the medical privacy law, but data shared among app developers, financial firms, and others is unregulated. … Americans are worried about how health data of all kinds is shared, according to Consumer Reports’ research conducted in 2015. Nearly everyone surveyed – 91 percent – agreed that their consent should be required whenever health information is shared. And 45 percent … found it “creepy” when an ad targeting their medical conditions popped up in a web browser. Read More ›
ID Theft Puts Privacy And Financial Security Of Medical Patients, Taxpayers – Even Children – At Risk
There were 12.7 million adult victims of identity theft nationwide in 2014, including over 1.5 million in California, according to the California Attorney General’s Office. “My educated guess is that nearly every adult in the U.S. has been affected by at least one breach involving their Social Security number and/or sensitive personal financial information. Most people have likely been affected by more than one breach,” said Beth Givens, Executive Director of the nonprofit Privacy Rights Clearinghouse. Givens predicts health care institution breaches will continue to be big stories in 2016. Other likely targets are educational institutions and government agencies. Read More ›
Hard Drives Holding Health Data Missing At Medical Insurer
by Chris Rauber, San Francisco Business Times
The latest in a series of huge data losses in the health care realm — health insurer Centene’s loss of six hard drives containing personal information on 950,000 enrollees — raises more questions about the security of health data that consumers entrust to insurance companies, hospital systems, Medicare, Medicaid and other big players. … Confidential health care data can sell in murky portions of the Internet for $10 to $50 per record — far more than the roughly $1 a simple credit-card number is worth. Medicare records are even more valuable, … and can sell for as much as $470 per record. Read More ›
Few Consequences For Health Privacy Law’s Repeat Offenders
by Charles Ornstein and Annie Waldman, ProPublica
ProPublica has reported on loopholes in [the Health Insurance Portability and Accountability Act] and the federal government’s lax enforcement of the law. … The data analyzed for this story show the problem goes beyond isolated incidents, carrying few consequences even for those who violate the law the most. … “Often, when we take a look into those breaches, what we find is that they were not accidents,” [said an OCR director]. “What contributed to the breach of thousands, if not tens of thousands of records, was systemic noncompliance . . . over a period oftentimes of years.” Read More ›
Paris Attacks Spark Another Fight Against Encryption
by Sean Sposito, San Francisco Chronicle
[Encryption “back-doors” for law enforcement] won’t necessarily weaken terrorist organizations’ ability to communicate with each other over the Internet. … But what it could do is make it easier for criminals and terrorists to access our financial, medical and other personal records, said Pam Dixon, the executive director of the World Privacy Forum in San Diego. They might find a way through the back-door as well. “Strong crypto means good security for all of us,” she said. “It means that banks and hospitals can secure financial and other transactions in our digital world.” Read More ›
Who Else Has Accessed Your Medical Data?
by Lisa Zamosky, Los Angeles Times
So far in 2015 alone, there have been more than 32 health data breaches as a result of hacking, according to the U.S. Health and Human Services Office for Civil Rights. “Health records are more valuable to identity thieves than financial records, and they can actually be sold at a premium on the black market,” [says one expert]. … It’s a more complicated crime to resolve than financial theft, with fewer protections in place to help patients whose information is stolen. … Medical identity theft can also dangerously cause someone else’s health data to get intertwined with yours. Read More ›
UCLA Health System Data Breach Affects 4.5 Million Patients
by Chad Terhune, Los Angeles Times
This cyberattack at UCLA comes on the heels of a major breach of federal employee records and a massive hack at health insurance giant Anthem Inc. affecting 80 million Americans this year. The intrusion is raising fresh questions about the ability of hospitals, health insurers and other medical providers to safeguard the vast troves of electronic medical records and other sensitive data they are stockpiling. The revelation that UCLA hadn’t taken the basic step of encrypting this patient data drew swift criticism from security experts and patient advocates. Read More ›