Privacy laws need updating after Google deal with HCA Healthcare, medical ethics professor says; CNBC, May 26, 2021

Emily DeCiccio, CNBC; Privacy laws need updating after Google deal with HCA Healthcare, medical ethics professor says

"Privacy laws in the U.S. need to be updated, especially after Google struck a deal with a major hospital chain, medical ethics expert Arthur Kaplan said Wednesday.

“Now we’ve got electronic medical records, huge volumes of data, and this is like asking a navigation system from a World War I airplane to navigate us up to the space shuttle,” Kaplan, a professor at New York University’s Grossman School of Medicine, told “The News with Shepard Smith.” “We’ve got to update our privacy protection and our informed consent requirements.”

On Wednesday, Google’s cloud unit and hospital chain HCA Healthcare announced a deal that — according to The Wall Street Journal — gives Google access to patient records. The tech giant said it will use that to make algorithms to monitor patients and help doctors make better decisions."

Facebook admits it discussed sharing user data for medical research project; The Guardian, April 5, 2018

Amanda Holpuch, The Guardian; Facebook admits it discussed sharing user data for medical research project

[Kip Currier: Timely to see this article, after discussing HIPAA and medical research data in my lecture yesterday on "Legal and Ethical Issues of Research Data Management (RDM)". And after my post here, responding to John Podhoretz's "sorry, you are a fool" New York Post opinion piece.]

"Medical institutions are held to a higher privacy standard than Facebook because of laws such as the federal Health Insurance Portability and Accountability Act, or Hipaa, which makes it illegal for health care providers and insurers to share patient data without their permission.

But it is not clear how the proposed research would have complied with this strict health privacy law.

Two people who heard Facebook’s pitch and one person familiar with it told CNBC that the proposed project would mesh data from health systems (such as diagnoses and prescribed medications) with data from Facebook (such as age, friends and likes). The idea would be to match what is known about a patient’s lifestyle with their medical needs to customize care."

The Guardian view on Grindr and data protection: don’t trade our privacy; Guardian, April 3, 2018

Editorial, Guardian; The Guardian view on Grindr and data protection: don’t trade our privacy

"Whether the users were at fault for excessive trust, or lack of imagination, or even whether they were at fault at all for submitting information that would let their potential partners make a better informed choice, as liberal ethics would demand, the next thing to scrutinise is the role of the company itself. Grindr has now said that it will no longer hand over the information, which is an admission that it was wrong to do so in the first place. It also says that the information was always anonymised, and that its policy was perfectly standard practice among digital businesses. This last is perfectly true, and perhaps the most worrying part of the whole story.

We now live in a world where the valuations of giant companies are determined by the amount of personal data they hold on third parties, who frequently have no idea how much there is, nor how revealing it is. As well as the HIV status, and last test date, Grindr collected and passed on to third parties its users’ locations, their phone identification numbers, and emails. These went to two companies that promise to make it easier to deliver personalised advertisements to phones based on the users’ locations and to increase the amount of time they spend looking at apps on their phones. The data was in theory anonymised, although repeated experiments have shown that the anonymity of personal information on the internet is pretty easily cracked in most cases."