EHIP

Even if the people in question are highly qualified health professionals.

With the possible exception of your bank account details, medical histories are the most sensitive - and potentially embarrassing - examples of personal data held by the authorities.

Yet more people than ever before are being allowed access to them - and it is raising serious concerns about confidentiality.

This week, in Scotland, seven BBC journalists were told that their medical records had been inappropriately accessed by a unnamed doctor in Fife through a new central database.

Automated summary from: BBC News

Black market criminals are offering to sell details on 21 million German bank accounts for ¬12 million (US$15.3 million), according to an investigative report published Saturday.

Reporters for WirtschaftsWoche (Economic Week) managed to obtain a CD containing 1.2 million accounts after a November face-to-face meeting with criminals in a Hamburg hotel, according to the magazine.

That CD contained the names, addresses, phone numbers, birthdays, account numbers and bank routing numbers of the theft victims, they reported.

This is the second high-profile German data breach in the past two months.

Automated summary from: IT World

A Credit Suisse analyst cut his price target on shares of IMS Health Inc. on Friday, saying the market research company's products will become less valuable if U.S. states follow New Hampshire's lead by making prescription data private.

BuzzOn Nov. 18, the 1st U.S. Circuit Court of Appeals upheld the New Hampshire Prescription Information Law, which makes prescribing information confidential.

Santangelo said 20 states have considered similar laws over the last few years, but none had successfully banned the practice.

Automated summary from: Forbes

The National Institutes of Health quietly blocked public access to databases of patient DNA profiles after learning of a study that found the genetic information might not be as anonymous as previously believed, the Los Angeles Times has learned.

Creators of the database had taken steps to mask the identities of patients, summarizing and aggregating the genetic information.

Such a confirmation could reveal the patient's participation in a study about a specific medical condition, experts said, and deny the patient his or her presumed confidentiality.

"It's possible, but the likelihood is quite low" that a patient's privacy could have been violated, Dr. Elizabeth Nable, head of the NIH's genetic oversight body, said Thursday evening.

Added Fred Bieber, medical geneticist at Harvard Medical School: "The lesson is that with enough genetic information, it's becoming easier to identify individuals, even though their identities are presumed to be" made anonymous.

Automated summary from: thenewstribune.com

Can a state government prohibit an individual from posting Social Security numbers online that were easily and legally obtained from government Web sites?

The answer, a federal judge in Virginia ruled last week, is a definite 'No,' at least for Betty "BJ" Ostergren, a privacy advocate who operates a Web site that posts Social Security numbers obtained from public records.

In a memorandum issued last Friday (download PDF), Judge Robert Payne of the U.S. District Court for the Eastern District of Virginia ruled that it would be unconstitutional for the state of Virginia to force Ostergren to remove from her site Social Security numbers that she legally obtained from public records.

The lawsuit challenged the constitutionality of an amendment to Virginia's Personal Information Act, which forbids the dissemination of any records that contain Social Security numbers, no matter how the records were obtained.

Ostergen, who has been working for several years to force Virginia county governments to redact Social Security numbers and other personal data from records posted online, contended in the suit that the law was passed specifically to curtail her campaign.

Ostergren pointed to at least two U.S. Supreme Court rulings saying that it is unconstitutional to prevent the publication of information -- even sensitive material -- that is legally available in the public domain.

In the 33-page ruling issued last week, Judge Payne held that the same logic applies in the case of Social Security numbers posted on Ostergren's Web site.

"It is difficult to imagine a more archetypal instance of the press informing the public of government operations through government records than Ostergren's posting of public records to demonstrate the lack of care being taken by government to protect the private information of individuals," Payne wrote.

Automated summary from: Computer World

When most patients go to the pharmacy to fill a new prescription, they don't think twice about turning over the note from their doctor.

Not much to the average consumer -- but to the world's largest drug makers, the information is an invaluable sales tool that they use to track what drugs individual doctors are prescribing all across the country.

Companies like IMS Health have built an industry around gathering prescription data and selling the information to pharmaceutical companies for millions of dollars each year.

Judges in Maine and New Hampshire have handed the companies early victories, declaring laws aimed at stopping the commercial use of prescription data unconstitutional.

Luis Salazar, a privacy specialist in the Miami office of Greenberg Traurig, said he didn't know of any such move yet in Florida, but he wrote in the recent edition of the Privacy Advisor newsletter: 'The outcome could be a case of whither goes New Hampshire, so goes the nation.

''Obviously these companies want doctors to prescribe the medicines they're marketing,'' said New Hampshire Assistant Attorney General Laura Lombardi.

Attorneys for New Hampshire and Maine say their laws, which ban or limit the sale of prescription data, protect the privacy of doctors and patients.

Automated summary from: MiamiHerald.com

The British government began an investigation Tuesday into how a computer containing highly sensitive bank information of over a million people was sold via online auction site eBay.

A former employee of a data archiving firm put the computer up for sale without erasing the sensitive data earlier this month, reported British newspaper The Daily Mail.

Automated summary from: CBC

Baptist Memorial Health Care Corp. in Memphis recently found itself dealing with a proliferation of user-owned plug-and-play USB port drives that posed a security risk to sensitive patient data.

Lenny Goodman, IS director for desktop management at the health care company, said users found it difficult to copy significant amounts of data to floppy disks, and the company "did not allow CD writers."

So users turned to "the USB flash drive, with enormous capacity and zero installation," Goodman said earlier this month.

The result: Baptist Memorial created strict policies around the use of flash memory sticks, iPod music players and other portable storage devices by standardizing on USB memory sticks that have native encryption and password protection.

Automated summary from: Computer World

Powered by Qumana

Google has begun testing face-blurring technology for its Street View service, responding to privacy concerns from the search giant's all-seeing digital camera eye.

The technology uses a computer algorithm to scour Google's image database for faces, then blurs them, said John Hanke, director of Google Earth and Google Maps, in an interview at the Where 2.0 conference here.

Google has begun testing the technology in Manhattan, the company announced on its LatLong blog.

New jurisdictions, new rules Street View poses other privacy issues besides just faces.

Street View presents a view of dozens of United States cities from a driver's perspective (unless a plastic bag is stuck over the Street View camera).

"A just balance needs to be found between what can be publicized, in deference to the principles of freedom of expression and of information, and what has to be safeguarded from excessive public curiosity, so as to avoid infringing the individual's right to privacy and right to his or her picture," the French embassy observes.

Face detection, which humans perform effortlessly with help from some dedicated neurons in the visual cortex, is a decades-old computer science problem.

It's finally arriving in basic form in real-world applications, though, including digital cameras that use it to track and properly expose subjects or take a picture only when subjects are smiling.

Automated summary from: CNET

Google's Street View service didn't invade a Pittsburgh couple's privacy, the search giant said in a response to the couple's April lawsuit over the matter.

"Today's satellite-image technology means that...complete privacy does not exist," Google said in its response to the complaint.

They claim these injuries even though similar photos of their home were already publicly available on the Internet, and even though they drew exponentially greater attention to the images in question by filing and publicizing the lawsuit while choosing not to remove the images of their property from the Street View service," Google said in the response.

Automated summary from: CNET