Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Archive for the ‘Medical data’ Category

    Los Angeles Times: Health products like wristband monitors prompt privacy worries

    Thursday, August 14th, 2014

    The Los Angeles Times reports on privacy questions surrounding fitness technology such as health-monitoring wristbands:

    Digital devices and smartphone apps that track what we eat, how much we exercise, our weight, blood glucose and blood pressure, among other things, are widespread. [...]

    There’s no shortage of mobile health apps, either. According to Forrester Research, by the end of 2013, 40,000 health and wellness apps were available for download. And more are coming.

    As consumers increasingly use mobile apps and devices to capture and store health-related information, they can release personal data that may not be as confidential as they thought.

    “Most apps are created by independent app developers, and you, for the most part, don’t know what’s happening to the information” you input, says Paul Stephens, director of policy and advocacy with San Diego-based Privacy Rights Clearinghouse. Read more »

    Forbes: Did Facebook Break The Law? Senator Asks FTC For Answers

    Monday, July 14th, 2014

    Forbes reports that Sen. Mark R. Warner (D-Va.) has asked the Federal Trade Commission to investigate Facebook’s controversial decision to manipulate its users’ news feeds for research purposes:

    Senator Mark R. Warner (D-Va.) has asked the Federal Trade Commission (FTC) to provide more information about recent reports that Facebook manipulated user news feeds during an emotional manipulation experiment.  In a letter today to the FTC, Warner asked the agency to determine if Facebook broke the law or violated their consent agreement with the FTC.

    Warner also asked the agency to explore the potential ramifications of the experiment, and to consider questions about what, if any, oversight would be appropriate for behavioral studies conducted by social media platforms.  Warner’s inquiry comes on the heels of a legal complaint against Facebook that was filed with the FTC last week.  That complaint alleged that Facebook engaged in deceptive trade practices and violated a 2012 Consent Order entered into with the FTC. [...]

    The full text of Warner’s letter is available here.

    InformationWeek: Florida Law Aims To Tighten Data Security

    Friday, July 11th, 2014

    InformationWeek reports on a new law in Florida that concerns information privacy and security:

    A new law designed to protect Floridians from identity theft could have far-reaching repercussions on healthcare organizations that reside or do business in the Sunshine State. Under the Florida Information Protection Act of 2014 (FIPA), any covered entity or third-party agent must now report breaches to the Florida Department of Legal Affairs and to consumers within 30 days (compared with the prior law’s 45 days). If they show good cause, organizations may get a 15-day extension or receive a law enforcement extension. Violators can be fined $1,000 per day for the first 30 days and $50,000 for each subsequent 30-day period under the Florida Deceptive and Unfair Trade Practices Act (FDUTPA); the fine is not to exceed $500,000.

    The state also expanded ”personal information” to include individuals’ first name or first initial and last name, in combination with any one of the following: passport number; medical history, mental or physical condition, or medical treatment or diagnosis by a healthcare professional; or health insurance policy number, subscriber identification number, or any unique identifier health insurers use to classify individuals. [...]

    The act, which passed unanimously, should slow the flood of data breaches, advocates said. Faster reporting times, an expanded collection of relevant data, and increased law enforcement involvement will encourage organizations to be more proactive and give law enforcement more opportunities to catch cybercriminals.

    Businessweek: Hospitals Are Mining Patients’ Credit Card Data to Predict Who Will Get Sick

    Wednesday, July 9th, 2014

    Businessweek reports on a story about data mining that could affect the privacy of individuals’ medical information:

    Carolinas HealthCare, which runs more than 900 care centers, including hospitals, nursing homes, doctors’ offices, and surgical centers, has begun plugging consumer data on 2 million people into algorithms designed to identify high-risk patients so that doctors can intervene before they get sick. The company purchases the data from brokers who cull public records, store loyalty program transactions, and credit card purchases. [Carolinas operates the largest group of medical centers in North and South Carolina.]

    Information on consumer spending can provide a more complete picture than the glimpse doctors get during an office visit or through lab results, says Michael Dulin, chief clinical officer for analytics and outcomes research at Carolinas HealthCare. The Charlotte-based hospital chain is placing its data into predictive models that give risk scores to patients. Within two years, Dulin plans to regularly distribute those scores to doctors and nurses who can then reach out to high-risk patients and suggest changes before they fall ill. [...] Read more »

    MIT Technology Review: Can Software Make Health Data More Private?

    Tuesday, July 8th, 2014

    MIT Technology Review considers whether software can help protect the privacy of medical information:

    Today a patient’s data typically stays within a hospital group or doctor’s practice. If you get care elsewhere you are essentially a blank slate unless a special request for your data is made, in which case the entire record becomes accessible. But many patients may not want their entire medical history to be accessible by everyone they see, so there is pressure to develop tools that can be used to limit access. One tricky issue is that redacting details of a diagnosis may not remove all the clues as to that condition, such as prescribed drugs or lab tests.

    A new tool developed by computer scientists at the University of Illinois can figure out which parts of a record may inadvertently reveal aspects of a patient’s medical history. The idea is that as data-sharing proposals advance, the patient would decide what parts of his or her record to keep private. A clinician would get advice from the technology on how to amend the record to ensure that this occurs. [...] Read more »

    HHS: $800,000 HIPAA settlement in medical records dumping case

    Friday, June 27th, 2014

    The U.S. Department of Health and Human Services announced a settlement with Parkview Health System, Inc., concerning medical privacy:

    Parkview Health System, Inc. has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule with the U.S. Department of Health and Human Services Office for Civil Rights (OCR).  Parkview will pay $800,000 and adopt a corrective action plan to address deficiencies in its HIPAA compliance program.  Parkview is a nonprofit health care system that provides community-based health care services to individuals in northeast Indiana and northwest Ohio.

    OCR opened an investigation after receiving a complaint from a retiring physician alleging that Parkview had violated the HIPAA Privacy Rule.  In September 2008, Parkview took custody of medical records pertaining to approximately 5,000 to 8,000 patients while assisting the retiring physician to transition her patients to new providers, and while considering the possibility of purchasing some of the physician’s practice.  Read more »