ProPublica: Federal Patient Privacy Law Does Not Cover Most Period-Tracking Apps

ProPublica: Federal Patient Privacy Law Does Not Cover Most Period-Tracking Apps. “Following the Supreme Court’s decision overturning Roe v. Wade, advocates for privacy and reproductive health have expressed fears that data from period-tracking apps could be used to find people who’ve had abortions. They have a point. The Health Insurance Portability and Accountability Act, the federal patient privacy law known as HIPAA, does not apply to most apps that track menstrual cycles, just as it doesn’t apply to many health care apps and at-home test kits.”

CNBC: Facebook sent a doctor on a secret mission to ask hospitals to share patient data

CNBC: Facebook sent a doctor on a secret mission to ask hospitals to share patient data. “Facebook has asked several major U.S. hospitals to share anonymized data about their patients, such as illnesses and prescription info, for a proposed research project. Facebook was intending to match it up with user data it had collected, and help the hospitals figure out which patients might need special care or treatment.”

MacKeeper Security: Patient Home Monitoring Service Leaks Private Medical Data Online

MacKeeper Security: Patient Home Monitoring Service Leaks Private Medical Data Online. “Kromtech Security Researchers have discovered another publically accessible Amazon S3 repository. This time it contained medical data in 316,363 PDF reports in the form of weekly blood test results. Many of these were multiple reports on individual patients. It appears that each patient had weekly test results totaling around 20 files each. That would still be an estimated 150,000+ people affected by the leak. The database appears to be connected to a ‘Patient Home Monitoring’ company that provides a in-home testing program that is aimed at improving clinical patient outcomes, and saving patients from weekly office visits.”

Editorial- HIPAA For The Social Media Generation: Teaching Privacy In Med Schools

Based on the news stories I’ve seen, sadly, this is very needed: HIPAA For The Social Media Generation: Teaching Privacy In Med Schools. “Many medical students are required to participate in HIPAA training programs, but medical schools today face a unique set of challenges. That’s because the current generation of medical students was raised online. Their phones are always on hand and their understanding of privacy may vary from what instructors and future employers will expect. In response, medical schools need to update and underscore the importance of HIPAA compliance education in the classroom.”

Law Enforcement: Paramedics Have “Selfies War,” Include Unconscious Patients

Two paramedics about whom I am way too angry to describe without melting my keyboard apparently had a “selfies war” featuring their patients. Mostly non-consensually. “Investigators initially identified a total of 41 patients. Two of whom have since died. Three of the photos appear consensual. Out of the remaining patients, 19 were female, and 17 were male. One of those victims was an Okaloosa County Sheriff’s Deputy. Five were homeless, the Sheriff’s Office said in a Facebook post.”

Ooopsie: ADA Apparently Mailed Malware To Its Members

Of course, it’s kind of hard to avoid malware if your own professional association is mailing it to you. “The American Dental Association (ADA) says it may have inadvertently mailed malware-laced USB thumb drives to thousands of dental offices nationwide. The problem first came to light in a post on the DSL Reports Security Forum. DSLR member ‘Mike’ from Pittsburgh got curious about the integrity of a USB drive that the ADA mailed to members to share updated ‘dental procedure codes’ — codes that dental offices use to track procedures for billing and insurance purposes.”

Search Engine for HIPAA Violations

ProPublica has set up a search engine for HIPAA violations. “Investigative reports with lists and tables can be daunting to wade through, so ProPublica built a simple app: a kind of search engine that allows people to check on their health care providers. Named HIPAA Helper, the tool features a search bar that accepts not only names of health care providers (such as big offenders Kaiser, Quest, and Walgreens), but keywords describing the types of offenses, such as ‘ex-boyfriend’ or ‘organ donor.’”