Sarah Silverman is a comedienne on cable's Comedy Central, and although I haven't seen her new show, I've seen the trailers while watching The Daily Show. On one of them she is talking to school children and saying something like, "If they can put a man on the moon, they can put a man with AIDS on the moon." Then there's a pause while the times for her show are hyped. When she returns she adds, "And then maybe they can put everyone with AIDS on the moon." Or something like that. It's funny. Sort of. Until you read the latest report of Congress's non-partisan investigative arm, The General Accountability Office:
The Bush administration has no clear strategy to protect the privacy of patients as it promotes the use of electronic medical records throughout the nation?s health care system, federal investigators say in a new report.In the report, the Government Accountability Office, an investigative arm of Congress, said the administration had a jumble of studies and vague policy statements but no overall strategy to ensure that privacy protections would be built into computer networks linking insurers, doctors, hospitals and other health care providers.
President Bush has repeatedly called for the creation of such networks, through which health care providers could share information on patients. In 2004, Mr. Bush declared that every American should have a "personal electronic medical record" within 10 years -- by 2014. With computerized records, he said, "we can avoid dangerous medical mistakes, reduce costs and improve care."
But in the report, issued this month, the G.A.O. said the administration had taken only rudimentary steps to safeguard sensitive personal data that would be exchanged over the network.(New York Times)
I'll be frank with you and say as a cancer epidemiologist mainly doing environmental and occupational studies I have real ambivalence about the American fetish for privacy. I know this will shock some of you. Mrs. R. has no such mixed emotion. Privacy, and medical privacy in particular, is a major issue for her. On the other hand I see my public health colleagues in Sweden able to do important studies by virtue of the fact they are able to trace people in ways impossible here. Even what I used to be able to do is getting very difficult. I also see large chemical companies stoking the privacy issue because the ability to follow-up exposed workers is nothing but trouble for them. They are only too happy when we have trouble doing our studies.
Meanwhile the horse is already out of the barn. Some 23 year old clerk in Kansas City working for an insurance company knows whatever he or she wants to know about your medical record and makes decisions about it for which you have no recourse or usually no knowledge. When you sign that little disclosure statement on your medical intake form you have essentially lost your privacy. So the net effect of the privacy legislation -- legislation that big manufacturers loved -- is to prevent legitimate researchers from getting information that might help; you and allowing those that don't have your interests at heart to have whatever information about you they want.
Having said that, I understand the distrust this attitude displays. I don't want
Bush and his cronies to have my medical information either because they manifestly don't have my best interests at heart. The idea that armed with medical information they might be able to put everyone with AIDS on the moon might even spark a resurgence of the space program for these guys.
They'd launch from Cape Falwell.
- Log in to post comments
Hi - For what it is worth I agree on the space program. That is one of the important things that separates us from rabbits and it is one of the things that will be important a century from now whereas our current political fights will be irrelevant. Respecting privacy I am with your wife on this but I think it is a losing battle. Technology makes it possible and I don't think all the laws in the world will make a difference. We are creating what amount to mass survielance technologies to monitor entire populations first in the name of security and then in the name of law enforcement and finally in the name of economics. All of us who work for government presume all of our network activities are monitored. The grocery store monitors (or tries to) all of my purchases allegedly for my benefit, and it goes on and on. My car and cell phone will now report my whereabouts to whatever government agency wants to know. Our only hope is the typical incompetence of government (and large corps for that matter) to actually do much with the information. At least for now.
carl: FWIW, I agree with you.
They can't protect their own information, either.
So you can jolly well forget about their protecting yours.
Check out this little prize from Federal Computer Week a couple of weeks ago.
Cyber officials: Chinese hackers attack 'anything and everything'.
It's the usual pissing and moaning. Yeah, I'm quite prepared to believe that Chinese spies are running roughshod all over the DoD networks. But, as per usual, we're fighting this year's war with last decade's tactics. With nauseatingly predictable results.
For starters, why on earth is anybody at a place as sensitive as the Navy War College using a Windows client??? The fact that the Bad Guys are using trojans to compromise so many of these systems makes this fact more than clear.
Why are they using Microsoft Office tools, for that matter?? Since MS Office has been the target of several recent targeted attack waves using 0-day exploits, and the next half dozen are only a matter of time. It isn't that we don't have alternatives these days; we do. And these are alternatives where you don't have to go to a vendor, hat in hand and take a ticket, to get vulnerabilities fixed. We're just not using them.
In fact, why on earth is anybody at the Naval War College running any client at all that boots off a freaking hard disk?? They should be running clients that boot off of read-only media. Those media ought to be checked out from the network security people. And those same network security people ought to be issuing new ones every two to four weeks. More often than that if some particularly nasty vulnerability arises that has to be patched Right This Minute.
You boot off of CD or DVD, and nobody is going to trojan your OS if he's at the far end of a network wire. You keep your work and your config on a flash memory stick or an outboard drive, and you check those out, too.
Until the Feds pull their heads out, which, if history is any guide (Arausio, Jena/Auerstadt), will be AFTER the disaster, not before, we are just going to keep on losing.
Sorry about the rant, which is somewhat O/T. This stuff just steams me because it's pointless waste.
A couple of points Revere:
1. Its the General Accounting Office not Accountability Office and they produce everything BUT non-partisanship reports. The guy who generally requests the report ends up with what he wants to hear. Waxman of California is notorious for it.
2. You are not wrong about the clerk in Kansas City. I didnt know that they were even that old. ARE YOU SURE ITS NOT A 23 YEAR OLD IN BOMBAY? Come on, you cant seriously think that they would let someone have your medical records there. Its not like they have your American Express information... Jezuz, come on Revere. You know as well as I do they are as honest as they can be in the cyberworld and all this electronic shit is really the Matrix.
3. Privacy legislation-Sorry, if you dont give them your SSN or your birthdate they are required to issue you a computer record number now. You cant be forced to issue either and care cannot be denied because of it. Federal laws already on the books. This doesnt mean applications for state and federal documentation though. Its a right you retain. USE IT!
4. Privacy statement-Shit. Dont sign it and hope they do release it to someone. With our litigators lying around like maggots on a corpse, they would drool over it. Make sure you tell them how traumatized you were by it and how you couldnt work or sleep or none of that stuff. Night before the trial go to Atlantic City, smoke cigarettes and drink bourbon whiskey until an hour or two before the trial. You'll look great. Oh yeah, wear that suit the cat crapped on too.
5. You are right and so is Ms. R. It isnt Sweden here. Thats the reason they call it the USA. As for the Swedes you have to be neutral or their 9 million and change citizens will revolt. Thats it. We will send Connecticut after them if we have a war. They only have a 3 to 1 advantage over them. The Swedes can lose and then apply for foreign aid from... you guessed it-The United States. I guess they hate the US too because they have only 3.3 billion invested in the Swedish pension fund. That goes if and when the US falls down because we socialized everything or bird flu burns us all. No incentives to invest. The government will just own it all. Bill and Hillary Clintons tax plan.... Just fill in the amount you made over the poverty level, send it in. Oh, next year you wont have to worry about it everyone will be under the poverty level and they'll just raise taxes on the super-rich. They call it INCOME tax. It just becomes a tax and spend money mill and with no income, you as a new poor pay none in. Suddenly one day, its bust all the way around and you cant tax anymore, you cant spend anymore and it falls apart.
Go ahead... The way this country blows money on wars, BS programs, and etc it will accelerate that decline you speak of. I wouldnt give us 10 years.
6. Dont download the Anarchists Cookbook. For starts theres a lot of flawed stuff in there. Then there's the fact that if you use it, you will blow yourself up. Last on that one is that the carnivore program is alive and well at the FBI. They will happily kick J. Falwells door down too. Problem is that it will likely be at a Liberty University boys pep rally... in his basement. You know the one with all the special angle cameras.
Charles-Linux and Firefox. Now if you want to tax someone go after Bill Gates. He deserves everything that happens to him. Shitty systems designed around shitty software... Ever hear about the flaws on the Hubble mirrors. Thanks Bill.
Swedish laws are irrelevant. Your collegues know that if they betray the trust, their kids will be shunned in school, their careers will come to solid thumping halt, and their cats will defecate in their shoes.
US laws are irrelevant. They were engineered that way. Your clerk in Kansas probably lives in Mumbai, and she will be thrown to the wolves at the first echo of a howl from over the hill. The corporation will call in a platoon of lawyers and bankers to stonewall any impertinent consumers, and also dispatch a buyer to Washington to purchase a stock of indulgences.
You don't have access, Revere, because you are trustworthy. If you were willing to accept a few pieces of copper as downpayment for a modest compromise on your integrity, all those silly privacy and need-to-know restrictions could be waved away.
The phrase we used in Boeing and Rockwell and Lockheed when NASA contracts went bad was: "If we could put a man on the Moon, why can't we put a man on the Moon?"
Not just medical databases, either. In Sweden, there aren't allowed to be ANY scret databases on people. If you're in a database, they've got to tell you, and let you correct it if it's wrong.
The US data privacy laws are a joke. Corporations are allowed to exchange data on you with their other units.
How long before they refuse to renew your medical insurance because another unit in the company is a grocery store chain, and they think (on analyzing your food purchases) that your cholesterol is way to high?
Randy: Look again. It USED to be the Government Accounting Office. It is now the Government Accountability Office. I did a double take first time I heard it referred to this way, but you will see the name changed. They are non-partisan. I've served on GAO panels and they are like NRC/NAS panels. There is plenty of room and time for review and response by those mentioned. They do not always come up with what the sponsors want and sponsors have no control over it. Yo hear about the more controversial reports but they do many you don't hear about.
Got me on this on this one Revere. Spent quite a bit of time in the new mission statement last night. Still gives the majority on both sides of Congress the ability to spill the reports in their favor.
OMB is really an Administration counter to this. So do we have a shadow government in the US? Well we certainly have redundancy if we dont. Lots of sweeping new powers under that Accountability name.
http://www.gao.gov/about/namechange.html
The issue is not so much privacy in itself (always a bug bear and scary topic for anglo-saxons) but in fixing limits to transparency and regulating information use. This can be accomplished at least hypothetically - but like all things, it takes awareness and political will, and a society that is at least partly based on trust, and willing/capable of reacting when that trust is violated.
People who live in more collectivist societies generally have no objection to their basic data being used for legitimate purposes (eg. medical studies, demographics, etc.) or the ordinary commercial purposes (special personal offers from the supermarket) and even consider that the basics must be public, for the good of all (eg. official address for everyone so that debt collection can proceed, etc.; number of cancer patients around the nukulear plant, etc. ) In Switz. for example, access to medical information (which is taboo...but obviously can be 'hacked') is not considered problematic by the public, as laws stop insurers from refusing clients, and employers either need show no concern (an AIDS patient who does his job can be kept on, if not he is fired). It is not that simple, of course, and the potentialities for many abuses exist; the idea of eliminating them all is in any case irrealistic and shouldn't be considered. A rough, consensual framework, that is the thing.