Health apps run into privacy snags

“The next time you use your smartphone to inquire about migraine symptoms or to check out how many calories were in that cheeseburger, there is a chance that information could be passed on to insurance and pharmaceuticals companies.

The top-20 health and wellness apps, including MapMyFitness, WebMD Health and iPeriod, are transmitting information to up to 70 third-party companies, according to Evidon, a web analytics and privacy firm”

If you are a subscriber to, you can view the full article at: Health apps run into privacy snags

Webinar: Competing for Patient Trust and Data Privacy in the Age of Big Data

PPR Logo

Featured Speakers:

Deborah Peel, MD, Founder and Chair, Patient Privacy Rights
Adrian Gropper, MD, Chief Technology Officer, Patient Privacy Rights

Predictive analytics is the use of big data to suggest targeted interventions that increase revenue and improve health. Predictive analytics can also be defined as involuntary data collection and surveillance leading to discrimination.

Fair information practice principles (FIPPs) have been around for decades but are seldom invoked in the design and promotion of health care services. As health reform sweeps through our industry, the use of FIPPs will be increasingly important to enhance trust, privacy, and differentiate your service.

Learning Objectives:

• Be able to apply FIPPs to evaluate internal use and health information exchange
• Understand the business case for more powerful patient portals
• Understand techniques for social media and bi-directional patient engagement

Register to attend here or using the link listed below.

Please note: This event takes place from 1-2 pm EDT.


Event Hosted By:


TACMA Screening at the Stateside Independent Theater


Date: Thursday, September 19th
Time: 7pm-9pm

Location: Stateside at the Paramount Theater, 713 Congress Ave, Austin Tx 78701

Terms and Conditions May Apply (TACMA) is a documentary that shows the outrageous and downright scary things that happen to your personal information when you click ‘I Agree’.  Join us for a an evening at the Stateside theater to watch this eye-opening film that is educating everyone about online privacy.

 tacma ecard

What people are saying about it:

“This quietly blistering documentary should rile even the most passive viewer.” - Jeannette Catsoulis, The New York Times

“The scariest movie I’ve seen this year, a horror tale that would have been science fiction had it been made in the 1990s.”  - G. Allen Johnson, San Francisco Chronicle

“The term “opting in” suggests a matter of choice. But as the thoughtful and spirited documentary “Terms and Conditions May Apply” makes chillingly clear, choices are few for netizens.” - Sheri Linden, The Los Angeles Times

“One of the most important and eye-opening films of the year.” - Kevin Lally, Film Journal International

“Timing could hardly be better…” - John DeFore, The Hollywood Reporter

“Must-see doc.” - Whitney Matheson, USA Today


Coalition for Patient Privacy Meeting

CPP Logo

Friday, September 20th, 2013

Quarterly Meeting
10:00am – 11:30pm ET

Please RSVP for the Coalition for Patient Privacy meeting on Friday, September 20th, 2013.  There will be a conference line – let us know when you RSVP if you will need the conference number.

Time: 10:00-11:30am, 30 minute break, followed by luncheon panel (RSVP below)
Place: The Microsoft Innovation & Policy Center, 901 K Street, NW, 11th Floor, Washington, DC 20001.

We plan to discuss the recent heightened awareness of the need for privacy, as well as the broad, nationwide collection of metadata and the similarities that lie within the healthcare sector.

If there are items you would like to add to the agenda, please send them to Karen Boyd.

The meeting will be followed by lunch and an expert panel titled A Teachable Moment: What Lessons Can Health Care Take Away from the Revelation of NSA Surveillance?


Please RSVP for the Coalition for Patient Privacy meeting by contacting us at

Please RSVP for the Microsoft Lunch Panel by contacting Ashley Hughes at


Microsoft NSA Panel


PPR Logo
A Teachable Moment: What Lessons Can Health Care Take Away from the Revelation of NSA Surveillance?


Microsoft Innovation & Policy Center
901 K Street NW | Washington, DC 20001

11th Floor

Friday, September 20, 2013 | 12:00 p.m. ET 


Patient Privacy Rights (PPR) invites you to attend a panel discussion on what is being done to protect health care privacy as revelations of digital surveillance efforts are making headlines. The discussion, “A Teachable Moment: What Lessons Can Healthcare Take Away from the Revelation of NSA Surveillance?” will be held Friday, September 20, 2013, 12:00 pm ET.  The event hosted by Microsoft is being held at the Microsoft Policy & Innovation Center in Washington DC.  Boxed lunches will be provided beginning at 11:30am.

The event will be moderated by Daniel Weitzner, the Director and co-founder of the MIT CSAIL Decentralized Information Group. Formerly the U.S. Deputy Chief Technology Officer for Internet Policy in the White House, Mr. Weitzner’s work has resulted in many tremendous contributions to the development of Internet Public Policy, including the Obama Administration’s Consumer Privacy Bill of Rights.

Privacy is now first on the list of major issues in the digital era. Exposure of the NSA’s metadata monitoring has brought the issue into even sharper focus. The public’s overwhelming disapproval of the collection of their phone records without their knowledge or consent shows that they want more transparency, awareness, and control over what happens to their private information. Research confirms that this especially applies to their most personal and sensitive information of all: health records containing information about their minds, bodies, and DNA.

Our distinguished panel will explore the current privacy environment and what it means for consumers:

Daniel Weitzner
Director, MIT Decentralized Information Group


Deborah C. Peel, MD
Founder and Chair, Patient Privacy Rights (PPR)

Latanya Sweeney, Ph.D
Director, Data Privacy Lab at Harvard University

Sydney Brownstone
Staff Writer, Fast Company

Adrian Gropper, MD
Chief Technology Officer, Patient Privacy Rights (PPR)

Andy Oram
Senior Editor, O’Reilly Media

Please RSVP to Ashley Hughes at

We hope to see you there!

Event Hosted by:
Microsoft Logo

FTC Files Complaint Against LabMD for Failing to Protect Consumers’ Privacy

The public would be surprised how little thought or money healthcare businesses put into data security.  LabMD is probably just one of thousands of healthcare businesses that don’t encrypt patient data and whose employees who use file-sharing apps to download music, etc, exposing patient records online.

We need new laws that require businesses that hold health data to be audited to prove they protect it.

Shouldn’t businesses have to prove they use tough data security protections before they are allowed to handle sensitive health information?

To view the full article, please visit:

Between Paranoia and Naivete

This op-ed was written by the political editor of the German paper ‘Die Zeit’. He summarizes the historical/cultural perspectives of Germany and the US regarding data protection and rights to control personal information in electronic systems.

He recommends both nation’s approaches should be on the table for discussion to decide “best practices” for data protection.

But he makes some key assertions I disagree with.

He states:

1) A future dictatorship’s use of Facebook would be “the least of your problems”.

  • But actually Facebook spying is very valuable to dictatorships because it reveals contacts and thoughts.

2) Citizens of “liberal societies” are not “experiencing a change in values” and “no longer feel uncomfortable sharing personal even private information”.

  • There is no change in values. Research shows people care just as much as they always have about privacy: ie control over what personal information they share with whom.  People care most about controlling who sees sensitive personal health data—but in the US we have no control.
  • The problem is that privacy/personal control over pii was not built into electronic systems.

3) Re: the Internet as an “emergent system” which “functions so well because it works equally for everybody” and “might cease to offer the greatest benefit for the greatest number”.

  • The Internet has already brought an “advantage to a minority–the rulers”.  He fails to recognize that the Internet is controlled and who controls it now.
  • Lawrence Lessig’s classic book “Code” explains that software and hardware, ie ‘code’ regulates the Internet and determines who controls it.  We must legislate/regulate technology in order to build a cyberspace that supports fundamental democratic rights and values.
  • The NSA/Verizon revelations are proof that a minority in fact control/rule the Internet to the detriment of all; and to the detriment of freedom and our human and civil rights to be “let alone”.

To view the full article, please visit:!

Privacy Advocates Set Their Sights on the Wrong G-Men

In the wake of NSA revelations, key privacy advocates make the point that private corporations and the government are working to ensure total surveillance of all digital information about all 300 million Americans and lock in billions in corporate revenue from the sale of personal data and detailed digital profiles of everyone in the US.

Corporate and government collection, use, and sale of the nation’s personal data is opaque.  The author of the story below trashes several  privacy advocates and misrepresents their key points about the hidden ‘government-industrial complex’.  And he claims that “Individuals can choose not to use a particular social network, search engine or website.”  But individuals have no meaningful choices online. See the documentary: “Terms and Conditions May Apply”.

The lack of trust online and in all holders of personal data is why President Obama proposed the Consumer Privacy Bill of Rights (CPBOR). Unfortunately the proposed data privacy protections in the CPBOR do not apply to the most sensitive data of all, health data.

Meanwhile,  the ‘government-industrial complex’ is destroying Americans’ most fundamental rights to privacy. The highest right of civilized man is the right to be ‘let alone’—which happens to be the foundation of Democracy.  Yet all we read about are the wonders of ‘big data’ and the need to collect and use personal data without meaningful informed consent. We can certainly use big data for innovation and benefits—but the public wants to be asked permission for all uses of data, especially for ‘research’ uses. Big data analytics is research.

  • See Westin’s research that shows only 1% of the public approves use of health data for research without consent. See more of his findings here.

Today US citizens have no control over their most sensitive personal information: health data from DNA to prescriptions records to diagnoses—-because privacy-destructive technologies and system architectures prevent us from exercising our rights to give meaningful informed consent before health data is collected, used, disclosed, or sold.

To view the full article, please visit: Privacy Advocates Set Their Sights on the Wrong G-Men

Privacy groups criticize proposed $8.5 million Google settlement

“Five U.S. privacy groups have opposed a proposed $8.5 million settlement with Google in a class action lawsuit over search privacy, as it fails to require Google to change its business practices, they said.”

Read more at: