Texas Does Poor Job of Securing Patient Info 9
_Sharp'r_ writes "This new security audit from Texas is an example of why the solution to medical privacy isn't to store it all in a big government database. The report describes a myriad of problems with state health and welfare agency's information security. Some of the problems cited include lack of firewalls, wide open wireless access points and all the other "usual suspects" that we've come to expect from a government security solution. The network is especially vulnerable to internal misuse, according to the report. For example, 'poor access controls' allowed a Department of Health customer service employee to create 74 fraudulent birth certificates. The report found that many of the agencies' nearly 50,000 workers have access to "tremendous amounts of decentralized, confidential data." You can also access an html formatted version of the full report."
The Problem Isn't Governments Having Information (Score:3, Interesting)
Please note that this post has nothing to do with privacy in it's self, I'm just talking about how we should have someone else do the "grunt work", in this case security and maintence, than Uncle Sam.
Re:The Problem Isn't Governments Having Informatio (Score:1)
(From personal experience in the Canadian Gov't)
This is not to say this is the case for all IT workers/management everywhere. There are some very talented and motivated people working for the government, however, its been my experience that the best solution isn't always picked by those who make the decisions.
Great. More taxes... (Score:2)
Similar story just hit the UK (Score:5, Interesting)
By John Leyden
Posted: 11/02/2003 at 12:50 GMT
Up to 200,000 requests are made by investigators under false pretences to obtain health information on British patients each year. And most attempts succeed, according to the Foundation for Information Policy Research (FIPR).
But you can trust the government! Really you can.. (Score:5, Interesting)
In short, too many people trust their government. It's easy to believe that "we're the government." But we aren't. Who in their right mind believes 90% of what is on the federal and state law books would be there if we had a republic where representatives were chosen like jurors, not by popular vote? Our corrupt political class loves to say "it's in the public interest." You see, we don't see their "bigger picture" that includes the so-called benefits of having the government possess the full medical records of its citizens. Afterall it takes only one bill or amendment to one that gives insurance corporations full access to this. It's one thing to let them demand you give it to them to get insurance, it's another to force the people at gun point, which is how all laws are ultimately enforced, to give their information to the government who then can sell it to raise some more money needed to hide part of the proof of its fiscal irresponsibility.
So again sheeple, repeat after me. "We're the government. This happens because we want it to. Democracy works and the people are in charge. You can trust your government. Bahh baahhhh baaahhhh"
'The Real Story'? (Score:3, Insightful)
All the bullshit surrounding HIPAA and other requirements merely increase the paperwork required for medical professionals to do their job. If your wife wants to know if you've got VD, a simple subpoena will suffice. Since your insurance company is paying for your claims, they've got both a diagnosis and a treatment plan. Sure, you can have your privacy, but that means you're going to pay as you go.
Who the hell are you keeping your medical records private from? If you are a drunk and/or drug abuser, your coworkers, friends, and family already have a pretty good idea. If you have AIDS, anyone who you fuck should be told anyway.
What's the big idea if someone knows your A1C? Knowing these results isn't a problem, acting on them in a discriminatory matter is a problem. But for that, there are already guidelines in place, with legal precedence set.
There's another trick, at least in the US: medical pay is for shit. Doctors do okay, everyone else does lousy. The money is much better in porn sites. The money available to pay admins won't get you a competent person (except for me. I'm a cheap lay.) Where is all the money going? Lame ass stuff. Procedures to extend the life of a terminal cancer patient for an extra two months. Put more money into preventative care. Oh, wait, that was tried with HMO's. But every little pissant got annoyed because they couldn't see their holy shaman....errr specialist. Public programs (medicare and medicaid) pay reasonable amounts for 'emergency' care, but next to nothing for preventative maintenance.
Smoking is one of the deadliest scourges to face society, yet no insurance company covers nicotine replacement therapy, support groups, etc.
Re:'The Real Story'? (Score:4, Insightful)
But I don't fuck my employer. Why should my employer know that I have cancer/am diabetic/am HIV positive/have [INSERT MEDICAL CONDITION HERE]?
Re:'The Real Story'? (Score:1)
BTW, wanna know a real nightmare? Trying to be a medical employer. Each employee has no fewer than three charts, with only certain data available for certain people. All are under separate lock and key.
Which winds up all being for naught, as most of the employees are more than willing to spill almost any details relative to their own illnesses.