| Protecting Privacy On-Line |
|
|
|
|
Page 2 of 2
Zoe Hudson, one of the authors of the California Healthcare Foundation study on health Websites' privacy practices, says doctors need to be aware of the possibility of unintentional disclosure or collection of information, like through banner ads. One key consideration, she says, is if the site is produced in conjunction with a drug company, physician group or HMO, are they getting information from visitors to the site without their knowledge? From an institutional standpoint, privacy advocates have been calling for guidelines and laws to protect personal information, which would in many cases make it easier for doctors to create their own Websites and keep privacy concerns to a minimum. "Our view is there needs to be legal rights to protect personal privacy information, to give consumers control of their information that's held by other entities," EPIC's Mr. Rotenberg says. "But technology also plays an important role." Some regulators are on the case. In early February, Senator Robert Torricelli (D-NJ) proposed a plan that would make it unlawful for companies to collect personal information on-line without first getting permission from the consumer. Shortly after that proposal, House and Senate lawmakers formed task forces to grapple with privacy issues over the Internet, noting that the laws have not kept pace with technology. In terms of patient healthcare records, legal protection and regulation of such documents sent electronically is an issue that Congress appears to be gearing up for. In March, the House Ways and Means health subcommittee held a hearing on the Department of Health and Human Services' proposal, issued last fall, to protect electronically transmitted medical records. That 600-page proposal included provisions for consumers to control their medical records, accountability for use of medical records, limits on the use of those records and a mechanism to balance privacy protections with the need to use records to protect public health, conduct medical care or improve the quality of care. Shortly thereafter, the Health Insurance Association of America chimed in, saying the regulations as proposed would limit the ability of insurers and health plans to improve the quality of healthcare. The trade association also said the regulations carried too much red tape that would only lead to higher health insurance premiums. Mr. Hendricks of Privacy Times says any on-line privacy law should give consumers a baseline of protection and prevent information that is collected for one purpose from being used for another purpose without the consumer's consent. In addition, he says the Federal Government should set up a national privacy agency -- similar to the National Labor Relations Board -- to handle questions, disputes and other privacy problems. "Every Western country has a national privacy office except the United States," he says. Products, Services Offer Assistance Until industry and government come to some agreement on standards and regulations to protect privacy on-line, consumers will have to fend for themselves. Some companies are stepping in and providing services to help consumers protect their personal information. One such company is AdSubtract.com (www.addsubtract.com), of Braintree, Mass., which offers free software that blocks banner advertisements and cookies. Other companies are developing software to protect privacy while allowing advertisements targeted to an individual's preferences. Then there is New Jersey-based Junkbusters Corp. (www.junkbusters.com), which provides downloadable software that blocks banner ads and gives consumers ways to reduce unwanted junk mail. The company also offers news and information on privacy issues on its Website and provides tips on how to protect privacy and control "junk" communications. TRUSTe is an independent, nonprofit privacy group that has developed a third-party oversight "seal" program to help ease on-line privacy concerns. Websites that have a TRUSTe flag, or "trustmark," as the group calls it, are members of TRUSTe that adhere to privacy principles that include notice and disclosure of information collection and use practices. Those sites also give users the chance to exercise control over their information and have security measures to help protect the security of personally identifiable information. In addition, TRUSTe members agree to comply with ongoing oversight and consumer resolution procedures. Security of credit cards is one area of on-line privacy and protection that the industry has succeeded at solving through the use of so-called secure servers. Some Websites have guaranteed credit card security policies and most allow consumers to call in orders over toll-free telephone lines if they are not comfortable sending their credit card number over the Internet.
But no credit card number -- and in fact no personal information -- is completely secure from computer hackers who break into computer systems or databases and steal sensitive information. The computer industry is diligently working to enhance protections against these kinds of privacy breaches. One company, McAfee.com (www.mcafee.com), which provides security software products for personal computers including virus protection products, recently introduced an Internet security application called McAfee Personal Firewall that is designed to help protect against hackers by monitoring a user's Internet traffic and blocks unauthorized action. Written by: Gregory Crawford |
Unintentional Disclosure
| < Previous | Next > |
|---|