Yes, Facebook has issues with privacy. Just Monday, the Electronic Privacy Information Center, the Center for Digital Democracy, Consumer Watchdog and the Privacy Rights Clearinghouse formally asked the Federal Trade Commission to stop Facebook from launching a facial-recognition feature. Last week, European regulators said they would investigate Facebook after it came out that Facebook’s 500 million to 700 million users were automatically opted in to facial recognition.
It is unlikely that Microsoft would allow HealthVault PHI to be shared with Facebook (FB), just because a user accesses HealthVault with his/her FB credentials. However, the link above makes an excellent point regarding the possibility for mischief.
I suspect that many users, for various reasons, do NOT protect their FB login credentials as well as they should. If such credentials are shared with others than Pandora's box has just been potentially opened to unwarranted use of a person's PHI, despite the fact that the user in question may not have known (probably did not know) of the potential risk.
The bottom line is that in the U.S. we simply remain much too cavalier about privacy rights, and this includes healthcare privacy rights, despite all the lip service to the contrary. HHS/OCR has been slow to aggressively enforce the new HITECH Act privacy and security provisions en masse, and I suspect that we will need some sort of "privacy disaster" (e.g. millions of patient records compromised) before any actual/meaninful movement along the enforcement front occurs.
Looking for a best of breed HIPAA Training?
To stay current on the HITECH Act and its quickly changing regulatory scheme visit the HITECH Survival Guide website and/or sign up for our free monthly compliance newsletter. Also, check out our FREE EHR Checklist.
If you need tools that will help with your compliance initiatives then check out the HSG Store. Do you need an Internet Lawyer with HITECH / HIPAAexperience?
Comments