reederm,
@reederm@qoto.org avatar

Psychology news robots distributing from dozens of sources: https://www.clinicians-exchange.org
.
Does HIPAA Even Exist for Large Corporations?

I don't care if anyone knows I just got a COVID vaccine. Most people
don't care.

However, CVS Pharmacy just sent me an after-visit report across
unencrypted Internet to my email address.

The form included such fields as:
-- My Full Name
-- DATE OF BIRTH!
-- My Full Home Address
-- Medication Administered
-- Date and Time of Appointment
-- Name of Pharmacist I saw
-- Name of Doctor at CVS overseeing it all
-- Name and Address of my Primary Care Doctor

Also:
-- All the answers to my screening questionnaire! including my yes/no
answers to multiple medical conditions such as heart problems,
immunocompromise, seizures & other brain problems, and pregnancy.

So many things wrong here. This is almost enough information for
identity theft (lacking only SSN). It gives away LOTS of my medical
information. If I had a Gmail email address, Google would now have all
this information. What if I was a pregnant female in the southern USA
where Attorney Generals are starting to track state of pregnancy for
later prosecution if women go out-of-state for abortions or have a
suspicious (to them) miscarriage?

*How does CVS get away with this when smaller medical offices have to
be so careful?
*

*Michael Reeder, LCPC

*#AI #EHR #medicalnotes #progressnotes #healthcare #patientportal #HIPAA
#dataprotection #infosec @infosec #doctors #hospitals #CVS
#COVID #sars-cov-2 #longcovid #severecovid#covidisnotover #pharmacy
#vaccine
.
.
NYU Information for Practice puts out 400-500 good quality health-related research posts per week but its too much for many people, so that bot is limited to just subscribers. You can read it or subscribe at @PsychResearchBot
.
EMAIL DAILY DIGEST OF RSS FEEDS -- SUBSCRIBE:
http://subscribe-article-digests.clinicians-exchange.org
.
READ ONLINE: http://read-the-rss-mega-archive.clinicians-exchange.org
It's primitive... but it works... mostly...

wcbdata,
@wcbdata@vis.social avatar

@reederm @infosec @PsychResearchBot CVS (and others, of course) get away with this because somewhere, at some time you probably didn't even notice and cannot recall, you checked a box or clicked a button attached to a few thousand words of scrollable legal language that gave them your permission to do so. And somewhere, buried in a labyrinth of menus, domain names, and subcontracted cloud-based CRM software, there is an option to un-check that box. A healthcare system, if we can keep it.

reederm,
@reederm@qoto.org avatar

Bill -- Entirely possible that there was some sort of consent form to dump most of the medical data they have on me onto the Internet.

I'm a psychotherapist. The only form I have that comes close is a very clear form allowing clients who want PHI in our individual emails. I actively and clearly discourage this, instead directing them to an encrypted messaging portal for such conversations.

@wcbdata @infosec @PsychResearchBot

hammerheadcorvette,

@reederm @infosec @PsychResearchBot It's actually enough information if you are the right person, considering all the large hacks recently. . . AT&T and others.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • ai
  • DreamBathrooms
  • ngwrru68w68
  • tester
  • magazineikmin
  • thenastyranch
  • rosin
  • khanakhh
  • InstantRegret
  • Youngstown
  • slotface
  • Durango
  • kavyap
  • mdbf
  • tacticalgear
  • JUstTest
  • osvaldo12
  • normalnudes
  • cubers
  • cisconetworking
  • everett
  • GTA5RPClips
  • ethstaker
  • Leos
  • provamag3
  • anitta
  • modclub
  • megavids
  • lostlight
  • All magazines
    •