The Truth About HIPAA – It Hasn’t Changed

Everyone thinks HIPAA protects personal health data. It doesn’t.

The most valuable data collected and sold by US “data brokers” is sensitive personal health information.

US “data brokers” capture sensitive health information by tracking our searches, social media, phone apps and GPS data. The majority of US healthcare institutions, health-related state and federal government agencies, and health technology vendors are also “data brokers”.

HIPAA gave millions of hidden institutions, healthcare providers, and technology vendors the right to control, use, and sell our medical records, prescriptions, lab tests, claims data, and more. HIPAA gave them the right to be “data brokers”.

If the President’s Consumer Privacy Bill of Rights (CPBOR) was the law of the land AND also was applied to the healthcare system, patients could control who collects and uses health data—not “data brokers”.

The CPBOR’s strong new rights to control the use of personal data could end the use of data for discrimination in every area of life, including  jobs, credit, mortgages, and opportunities.

The EU got it right:  no government agency or corporation in the EU can collect, use, or sell personal data without permission.

deb

This blog was written in response to the following article: Senators call for consumer privacy protections

 

Scammers Using Police Caller ID Numbers: Alert!

Check out the latest from Debra Diener, courtesy of Privacy Made Simple.

 

The Better Business Bureau (BBB) has just issued an alert about the latest scam being used by thieves to steal money and/or personal information (see, scam alert@council.bbb.org, “Scammers Impersonate Police with Spoofed Caller ID”).  Consumers need to be very alert to this ploy. BBB says the scams being used all around the country.

The scammers have gotten hold of a computer program that lets them change phone numbers that can be displayed on Caller ID — the spoofing part of this scam.  The scammers are using this technology to send calls with the right phone numbers of the local sheriff or police offices appearing when the recipients hit Caller ID.

The intended victims see the legitimate phone number, answer the call and are then told by the scammers (posing as the local sheriff or police) that there’s an arrest warrant out for them.  BBB reports that some of the scammers have been using the real names of local sheriffs or police officers in the calls — thus making the threat seem more legitimate.

The scammer tells the intended victim that he can avoid the criminal charge by paying a fine.  Here’s the next part of the scam: the scammer says the fine can only be paid by a money order or pre-paid debit card.

Now many people will see through this scam but others will be scared into doing so — maybe because the scammer uses a real name of a local police officer; or because they might not know what fines could exist for them; or because the scammer already has some personal information about the intended victim.  BBB cited the case of a Detroit-area woman who became a victim because the scammer specifically mentioned a loan she’d taken out (that alone raises more problems about how the scammers got that information).

Consumers should remember these “Do’s” and “Don’ts” to avoid becoming a victim:

  • Don’t wire money: legitimate police forces don’t operate by calling people and asking for money over the phone;
  • Do hang up ASAP: don’t call back as doing so might give the scammers more personal information they can later use for other criminal ends;
  • Do call the real local police or sheriff’s office: let them know about the call so they can alert others in the area; and
  • Don’t give out personal information: scams come in different formats and approaches but they all want the same thing — consumers’ money and/or personal information.

PPR Comments on FTC Consumer Privacy Protection Report

We applaud the FTC for creating a report focused on protecting consumer privacy. The proposed framework
upholds many of the practices we believe in: informed consumer consent, privacy protection and data security,
and greater transparency.

View the FTC Staff Report: Protecting Consumer Privacy in an Era of Rapid Change

View PPR’s full comments