Re: Is this something we really want?

I hate to say this, but the unauthorized sharing of your private medical information has been going on since before 1992; all in the name of crime stopping. I'm sorry but I can't elaborate more on this. If interested you will just have to ask me in person at the next con.

xor

Re: Is this something we really want?

The medical field has always been a very shadowy and secret profession IMHO. Can anyone tell me why you have to answer all those non-health related questions when you first walk into a dental or medical office? If you get the answer right I owe you a beer at Defcon. If you never wondered you aren't paying attention.

xor

Re: Is this something we really want?

I think I knew about 1992 xor, but I wonder if the same "tech dude" that was reading email from my clients bungled email account at Core Comm today is gonna be the same "dude" two weeks later reading my Google medical privates? Will tech support require sworn medical privacy laws for all employees? I'd say "off with their nads" if anything leaks. How often do we hear "Oh honey.. (wife to husband).. You'll never guess what a hilarious file I saw on this guy at the office today....". I already freak when my garbage man goes off with my shredded mail. I don't think most uneducated tech help at call centers should have access to medical accounts at this level or scope. I've known for a long time about med info e'data sharing direct from office to office but this Google thing looks like a huge train wreck on the way from here on.

So the "tech dude" is gonna abide by the following?

"In its privacy policy, Google already promises not to share sensitive personal information with third parties without prior consent, defining sensitive personal information as "information we know to be related to confidential medical information, racial or ethnic origins, political or religious beliefs or sexuality and tied to personal information."

Yea right.

We all know what happens to sensitive data when it's farmed out to second and third party guardians or outsourced to India.

Re: Is this something we really want?

What non-health related questions? The last time I went to a doctor, they were rather quick to get me situated, the only non-medical questions were name and address. Oh, and insurance information :P

Re: Is this something we really want?

Questions like where you went to school; high school, college, post college?
What grade level you obtained?
Did you graduate?
Do you drive, if so what is your drivers license number?
Oh and my favorite whom to call in case of emergency? Don't think I'm crazy with the last one. Nothing is ever what it appears to be. Information is used many ways by many different people.

I've seen all kinds of dubious questions on medical intake forms. Why do they need to know some of the above information in order to treat you? It's never presented as optional either.


xor

Re: Is this something we really want?

Trying not to sound totally paranoid here. People who have met me can vouch for that. Medical information is shared by more people and organizations than you think. Though illegal to do so it's still being shared by people and organizations you never thought would or should be sharing this information. I found out by accident. They do it to protect themselves and to be fair you in some cases which places in question their ethics. It's all about money in the end.

xor

Re: Is this something we really want?

I have NEVER filled out any medical forms with those questions on it. Not when I went to the dentist, not when I went to the eye doctor, or when I went to a physician.

The one question they ask me, which I never fill out is my social security number. They have no need for that information, and if they ask for it anyway I need them to explain to me why they need it on file, they never seem to give me an adequate answer, so they let it drop.

Re: Is this something we really want?

Yes, and identity theft is up. It is illegal to share that information, and if they share it to protect themselves they could and should be sued for malpractice. It may really be less about money and more about lax confidentiality and those laws governing professionals and the corporate body. Professionals know they should not share but they do and it's wrong and it's always been wrong as you pointed out xor. As a side note I think organizational breaches of confidentiality like IT brain drain, espionage, and even sabotage are on the rise. I think that some of those may be the bastard children of "non-privacy" in general.

Re: Is this something we really want?

Keep in mind that this will fall under HIPAA regulations. Considering how much of a mess that that is and all the individual causes of action that could come up in the case of a breach I can't imagine that Google would even come near this area.

Re: Is this something we really want?

"UPDATE"

And to think,.. I was all worried about Google messing up...

http://www.pcworld.com/article/id,14...l?tk=nl_dnxnws