Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Archive for the ‘Medical data’ Category

    InformationWeek: When Big Data & Infants’ Privacy Collide

    Friday, August 29th, 2014

    InformationWeek reports on issues concerning children’s medical and genetic privacy:

    For decades, hospitals have conducted blood tests on newborns, checking babies for various conditions, treatable and not. Today’s less costly tests, genomic research, and technological advances, coupled with differing policies across states, worry some privacy and ethics advocates.

    Whereas some states allow parents to opt-in for testing, others have an opt-out approach. Critics argue parents have little to no say in whether this data is collected, where and how long it’s stored, and what organizations do with this information. Lower genome testing costs sparked debate about researchers’ right to use this information; who should learn of infants’ chronic conditions and when; and the type of data government, researchers, payers, or healthcare providers can cull. Other concerns surround the storage and transmission of data that’s not de-identified and its potential theft. [...]

    In May, Minnesota Gov. Mark Dayton signed a law allowing the state to indefinitely store blood spots for future research. Parents can opt out. In New York, parents can decline testing for religious reasons, said the Wadsworth Center, NY Department of Health, which screens the state’s newborns for more than 40 inherited metabolic conditions.

    Washington Post: Health care data breaches have hit 30M patients and counting

    Thursday, August 21st, 2014

    The Washington Post reports on security breaches of medical information, which can create privacy problems for patients:

    The recent theft of 4.5 million medical records by Chinese hackers highlights one undeniable truth about health care data: it’s valuable, and bad people want it. In this latest incident, hackers reportedly stole personal data from Community Health Systems patients, including their Social Security numbers, which is an especially coveted piece of information if you want to steal someone’s identity. But it appears that patients’ medical data and credit card numbers were not stolen in this case.

    Thanks to some tougher federal reporting requirements for health-care data breaches in recent years, we have a better sense of when patient information goes missing or might have been inappropriately accessed by someone. [...]

    The numbers aren’t pretty. Since federal reporting requirements kicked in, the U.S. Department of Health and Human Services’ database of major breach reports (those affecting 500 people or more) has tracked 944 incidents affecting personal information from about 30.1 million people. A majority of those records are tied to theft (17.4 million people), followed by data loss (7.2 million people), hacking (3.6 million) and unauthorized access accounts (1.9 million people), according to a Washington Post analysis of HHS data. These numbers don’t include the Community Health Systems data breach.

    Los Angeles Times: Health products like wristband monitors prompt privacy worries

    Thursday, August 14th, 2014

    The Los Angeles Times reports on privacy questions surrounding fitness technology such as health-monitoring wristbands:

    Digital devices and smartphone apps that track what we eat, how much we exercise, our weight, blood glucose and blood pressure, among other things, are widespread. [...]

    There’s no shortage of mobile health apps, either. According to Forrester Research, by the end of 2013, 40,000 health and wellness apps were available for download. And more are coming.

    As consumers increasingly use mobile apps and devices to capture and store health-related information, they can release personal data that may not be as confidential as they thought.

    “Most apps are created by independent app developers, and you, for the most part, don’t know what’s happening to the information” you input, says Paul Stephens, director of policy and advocacy with San Diego-based Privacy Rights Clearinghouse. Read more »

    Forbes: Did Facebook Break The Law? Senator Asks FTC For Answers

    Monday, July 14th, 2014

    Forbes reports that Sen. Mark R. Warner (D-Va.) has asked the Federal Trade Commission to investigate Facebook’s controversial decision to manipulate its users’ news feeds for research purposes:

    Senator Mark R. Warner (D-Va.) has asked the Federal Trade Commission (FTC) to provide more information about recent reports that Facebook manipulated user news feeds during an emotional manipulation experiment.  In a letter today to the FTC, Warner asked the agency to determine if Facebook broke the law or violated their consent agreement with the FTC.

    Warner also asked the agency to explore the potential ramifications of the experiment, and to consider questions about what, if any, oversight would be appropriate for behavioral studies conducted by social media platforms.  Warner’s inquiry comes on the heels of a legal complaint against Facebook that was filed with the FTC last week.  That complaint alleged that Facebook engaged in deceptive trade practices and violated a 2012 Consent Order entered into with the FTC. [...]

    The full text of Warner’s letter is available here.

    InformationWeek: Florida Law Aims To Tighten Data Security

    Friday, July 11th, 2014

    InformationWeek reports on a new law in Florida that concerns information privacy and security:

    A new law designed to protect Floridians from identity theft could have far-reaching repercussions on healthcare organizations that reside or do business in the Sunshine State. Under the Florida Information Protection Act of 2014 (FIPA), any covered entity or third-party agent must now report breaches to the Florida Department of Legal Affairs and to consumers within 30 days (compared with the prior law’s 45 days). If they show good cause, organizations may get a 15-day extension or receive a law enforcement extension. Violators can be fined $1,000 per day for the first 30 days and $50,000 for each subsequent 30-day period under the Florida Deceptive and Unfair Trade Practices Act (FDUTPA); the fine is not to exceed $500,000.

    The state also expanded ”personal information” to include individuals’ first name or first initial and last name, in combination with any one of the following: passport number; medical history, mental or physical condition, or medical treatment or diagnosis by a healthcare professional; or health insurance policy number, subscriber identification number, or any unique identifier health insurers use to classify individuals. [...]

    The act, which passed unanimously, should slow the flood of data breaches, advocates said. Faster reporting times, an expanded collection of relevant data, and increased law enforcement involvement will encourage organizations to be more proactive and give law enforcement more opportunities to catch cybercriminals.

    Businessweek: Hospitals Are Mining Patients’ Credit Card Data to Predict Who Will Get Sick

    Wednesday, July 9th, 2014

    Businessweek reports on a story about data mining that could affect the privacy of individuals’ medical information:

    Carolinas HealthCare, which runs more than 900 care centers, including hospitals, nursing homes, doctors’ offices, and surgical centers, has begun plugging consumer data on 2 million people into algorithms designed to identify high-risk patients so that doctors can intervene before they get sick. The company purchases the data from brokers who cull public records, store loyalty program transactions, and credit card purchases. [Carolinas operates the largest group of medical centers in North and South Carolina.]

    Information on consumer spending can provide a more complete picture than the glimpse doctors get during an office visit or through lab results, says Michael Dulin, chief clinical officer for analytics and outcomes research at Carolinas HealthCare. The Charlotte-based hospital chain is placing its data into predictive models that give risk scores to patients. Within two years, Dulin plans to regularly distribute those scores to doctors and nurses who can then reach out to high-risk patients and suggest changes before they fall ill. [...] Read more »