Wednesday, May 16, 2018

Hurried, tacky, and sloppy way to revoke health privacy protections at Legislature

Voiding Minnesota's strong health data privacy protections with an amendment by Representative Zerwas to SF 3019 on the House floor tomorrow (Thursday May 17th) is foolish and senseless.

Of all the votes in the Minnesota Legislature on privacy this session, this is the ONE the public needs and legislators need to pay attention too.  The amendment slays Minnesotan's robust right to consent where your most sensitive health data shall go.  The proposal is poorly designed and done in a hustled way by business and health industry interests.

The attempt by the author is to do away with one of the best health data privacy protection/rights in the country and replace it with parts of the HIPAA regulations.  Important to understand the premise, that HIPAA, a federal regulation sets a minimum floor of privacy protections and rights, but allows states to be more protective of your information or provides you with more rights.

When I pressed Representative Zerwas, who is the author of the original bill, and corporate and health industry lobbyists I did not get a coherent and detailed rationale.  What one hears for this  change: will save money and give coordinated care. (questionable)  Also said  the proposal will not damage your health data privacy, because you have the federal government minimum standards to rely on.

But proponents of the amendment are wrong in their surety that adopting HIPAA standards and ditching our state protections will fill the gap of privacy protections. 

Our current law assures you have control where your most sensitive data goes to and for what purpose.  For example, you do not want your mental health data to be seen or sent to the foot doctor, you have that choice and right.  Minnesota law allows you to CONTROL where your health data goes.

Slapping down Minnesota's consent provision jeopardizes your privacy to where your health data can be widely disseminated and be used for purposes without your knowledge and consent.

Who decides where, for what purpose, and to whom your personal health data is used and dispersed, you or the business and health interests?

If the proponents want to ditch Minnesota's consent and privacy protections show how HIPAA  has same robust protection with consent and privacy protection.

Instead, what is proposed on the floor of the House is deletion of about 13 words of our current law and replace it with some twenty words referring to a federal regulation.  The regulation is pages long and I am sure many of the House members have not read and understand.

The regulation with its broad language and definitions encompasses many activities that many people are not familiar with and allows for health data to be strewed about which individuals may want to control and not so easily be strewn about.

There has been no hearing on the Senate side on the original bill or amendment.  In the House only one hearing in a health committee.  The bill has not been heard in the Civil Law and Data Practices Committee.

To be clear, can there be changes to Minnesota law to accommodate concerns and issues, yes, but not in this manner.  Trading this amendment for the loss of our states protections is a bad exchange.  If this proposal along with others can be discussed in a rationale and comprehensive way, it would be better for us.

The place for this rationale and comprehensive discussion is the Legislative Commission on Data Practices and Data Privacy.  With suggestions to be made for January 2019 when the Legislature comes back.  Many questions and issues can be discussed in a way that all parties will get their say.

The commission can explore many questions and issues such as:

How can state law deal with the wishes of an individual patient to not have certain sensitive data be shared with others?

Can coordination of care and individuals right to control where their data goes co-exist within state law?  (Note:  Over the years when issues arose they have been addressed within our state law on health data)

How can penalties and rights for patients be more enhanced on a state level where there are violations of privacy rather than rely on a federal agency?

These are just some examples of points of questions that need  and can be explored.

Minnesota has had a comprehensive health data privacy law which has been recognized nationally.  Why would we want to lower our standards?  Do not think the HIPAA regulations give you a comfortable feeling of reassurance that sensitive health data is a matter between you and your doctor, you'll be duped.  The federal regulations set standards for privacy where health, business, and public interests often prevail over the patients desire for confidentiality.

Do not abrogate Minnesota's privacy/consent provisions in this hasty and sloppy way.

1 comment:


    Are You Seeking For A LEGIT PROFESSIONAL HACKER Who Will Get Your Job Done Efficiently With Swift Response?? CONGRATULATIONS, Your Search Ends Right Here.

    • We are a Team Of Professional HACKERS , a product of the coming together of Legit Hackers from the Dark-Web (pentaguard, CyberBerkut, White Hack and Black Hat,) we have been existing for over years, our system is a very strong and decentralized command structure that operates on ideas and directives.

    Whenever We Are been hired as a Team Hackers We typically only take jobs that We find somehow original, challenging, or especially helpful to the community. We’ve never wanted to sit around defending some video game company’s source code from network intruders – We prefer to help nonprofits, private investigators, Private Individuals, government contractors, and other traditionally underserved populations. 
    And We’d rather match skills against the best in the field of state-sponsored hackers engaged in economic espionage than put some kid in prison for pranking the phone company. When a company tries to hire Us, the first question I ask is: “Who is this going to help?”
    I know COMPOSITE HACKS is Well known for LEGIT HACKING SERVICES, but i always try to avoid people thinking We’r proud or making Many individual think its only the big companies that can hire Us, fine, here is Our mail: “””””” You Can Reach Out To Us for Your Desired HACKING Services Ranging from:
    * Penetration Testing
    * Jail Breaking
    * PHONE HACKING (Which gives you Unnoticeable Access to Everything that is Happening on the phone such as call logs, messages, chats and all social media Apps .
    * Retrieval Of Lost Files
    * Location Tracking.
    * Clearing Of Criminal Records.
    * Hacking Of Server, Database And Social Media accounts e.g Facebook, twitter, Instagram Snapchat etc

    * Bank Accounts Loading ( Only USA Banks)
    * Credit Cards Loading (Only USA CC’s)’

    ★Our Team houses a separate group of specialists who are productively focussed and established authorities in different platforms. They hail from a proven track record Called “HackerOne” and have cracked even the toughest of barriers to intrude and capture or recapture all relevant data needed by our Clients. Some Of These Specialist Includes PETER YAWORSKI, FRANS ROSEN, JACK CABLE, JOBERT ABMA, ARNE SWINNEN And More

    ★COMPOSITE HACKS is available for customer care 24/7, all day and night. We understand that your request might be urgent, so we have a separate team of allocated hackers who interact with our Clients round the clock. You are with the right people so just get started.

    * Email:
    * Wickr: compositehacks