Health Information Privacy, No—Privacy, Yes: HIPAA & HITECH Act Blog by Jonathan P. Tomes

JonTomesBecause of privacy concerns, the Obama administration has reversed its use and disclosure of patient information in HealthCare.gov after the Associated Press had reported that the website was sending such personal data to companies specializing in advertising and analyzing internet data for performance analysis and marketing. The personal details included age, income, zip code, tobacco use, and whether a woman was pregnant. Millions use the sites to sign up for ObamaCare or to browse for insurance plans. Analysis of the website Friday by the AP showed that the administration had made changes to reduce the outbound flow of personal information. Before that, the website was explicitly sending personal data to third-party sites.

Officials of the Department of Health and Human Services (“DHHS”) had defended their information-sharing practices, saying that the outside companies had used the data only to analyze the workings of HealthCare.gov and to make improvements to the website that were of benefit to consumers. HealthCare.gov serves 37 states, while the remaining states operate their own insurance markets. In a poorly reasoned decision, the U.S. Supreme Court upheld the law’s ability to “tax”—read force people to purchase health insurance. Although third-party sites on HealthCare.gov may not see your name, birth date, or Social Security number, they may be able to determine that your computer accessed the government website with your other internet activities. Have you been researching a chronic illness, such as coronary artery blockage? Do you shop online for smoking-cessation aids? Are you investigating genetic markers for a certain type of breast cancer? Are you seeking help for financial problems or for an addiction?

Privacy advocates say that the administration still needs to do more. The mere presence of connections to private companies on the website —even if they do not explicitly receive personal data— should be examined because of their ability to reveal sensitive information about a user.

Quintin, the tech expert with the Electronic Frontier Foundation, said the health site should disable third-party tracking services for people who enable the “do not track” feature on their web browsers.

HealthCare.gov was crippled by serious technical problems when it made its debut in the fall of 2013. This year, the website has worked better, but the privacy issues were a reminder that the site remains a work in progress, and those privacy issues can only make one wonder about the federal government’s ability to design and operate such a mammoth health care undertaking.

On July 13th, 2015, posted in: HIPAA Compliance Blog by Tags: , ,
seo by: k.c. seo