Slashdot Mirror

So they did genotyping on the measles cases from Disneyland. There's a pretty detailed report here if you care to spend 2 seconds doing a Google search. There were 31 people who had recently been vaccinated who showed up with febrile rashes which were caused by the vaccine for measles, but that's actually a known side effect of the vaccine (in ~5% of cases) and wouldn't have been full blown measles in any case. The actual outbreak strain was genotype B3 which account for 73 cases that were tested, and those folks actually did get measles.

So...maybe spend a few seconds researching before spewing garbage on a discussion board?

Bullshit. HIPAA applies to covered entities and that's not the police

https://www.hhs.gov/sites/defa...

But it could be EMS, so it may be necessary to encrypted data links for EHRs, if not voice/dispatch.

USA Laws are limited by these 2 main laws that limit it by age (under 13) and healthcare respectively: COPPA https://www.ftc.gov/enforcemen... and HIPAA https://www.hhs.gov/hipaa/for-...

And then it's not really limited anymore except by state. Which a summary exists here: https://en.wikipedia.org/wiki/...

Bullshit. HIPAA applies to covered entities and that's not the police

https://www.hhs.gov/sites/defa...

or to determine you have a greater chance for a medical condition to raise your fees,

Here's information about the Genetic Information Nondiscrimination Act.

That said, I would not recommend that anyone have any of these publicly-sold DNA tests. It might be possible to take them anonymously, especially by making use of attorney-client privilege, but I will leave that to a lawyer to figure out.

There's all kinds of PII and PHI in that stolen information.

I'm sure these folks don't care, because, like Assange, they're trolls. When they're helping your side, they're described with superlatives. When they're harming your side, they're described with expletives. They don't care. They just do what they do for their own personal reasons.

Theoretically illegal aliens aren't supposed to be able to apply on their own, but in fact about 60% do receive public assistance.

Only immigrants with children born in the US (i.e. the US citizen) can receive public assistance. I would like to see the source for the 60% figure, that doesn't seem to be correct.

Certain states with a lot of illegal immigrants, which are known for being liberal and flouting federal law regarding immigration and drugs, go ahead and hand out the money.

That's up to states, they can't dole out federal money to illegals.

The six dependents don't have to be legal.

That's not how welfare works (SNAP, EITC or TANF). You can't claim welfare for dependents who are not the US citizen and there's also a 5-year ban. The exception I think is WIC which does give benefits to the mother of the US citizen. Here's an overview: https://aspe.hhs.gov/basic-rep...

My background: I'm a legal immigrant and I actually researched that stuff before immigration, in case I needed it.

Protection safeguards per the HIPAA laws vary with the method of data transmission. FAXes are assumed to be confidential as long as you know the number you're dialing is correct; e-mail and other digital means require you to validate most of your entire IT chain, and probably to encrypt the e-mail as well.

Poverty is defined as about $12,000 per year for a single person. Assume we wish to set UBI at 125% of poverty level - about $15,000 per year. The AGI for the bottom 50% of all taxpayers averages out to about $16,000 (divide their income by number of returns). Assume it's a normal distribution. This means about 25% of all working people earn about 125% of poverty levels.

For 25% of the population, it would be better to simply stop working and collect UBI - there would be no net change to their situation. So we have, effectively, 3 people working to support 1 person not working, meaning an additional $400 per month per worker to support the UBI situation. How many more will simply opt-out and take UBI-only because the additional $5000/year in taxes is simply too much?

Contrary to what you might have heard... you won't get addicted to opioids easily. It's needs a sustained exposure over a fairly long period to get chemically addicted

Which describes a lot of people who take various opioids like OxyContin for chronic pain or accidents with substantial recovery times. So, the very people most likely to get opioids as treatment are also the ones like to have a sustained exposure over a fairly long period of time.
  That's a recipe for chemical addiction.

- 1% sounds closer to reality than the hysterical claims made. P.S. 1% of millions is a lot... which is why you think it's more common than it is.

By the numbers, in 2016 2.1 million had a opioid use disorder and 42,249 died of an opioid overdose. Even presuming a substantial number of those are heroine/stolen opioids, how many are those are a byproduct of an original opioid prescription leading to addiction? Do we just not count those? More than 17% of Americans had at least one opioid prescription filled, with an average of 3.4 opioid prescriptions dispensed per patient. ... The average number of days per prescription continues to increase, with an average of 18 days in 2017. So, even if we take what you say is true that only 1% leads to addiction, then clearly the biggest problem is the massive over prescription of opioids that last on average 60 days.

Of course a 'pretty bad flu" can kill you - if you are already weak/ill. Alcohol withdrawal will kill even healthy people. The point is, that, again, the hysterical claims that opioids addiction cannot be beaten... are just that... hysteria.

It's not that opioid addiction cannot be beaten. It's that when you know people are likely to have addiction or at least dependence because you're literally prescribing them a recipe for addiction, you need to actually treat that situation and try to actually manage it. You don't just say "ah, 1%, that's like 0%, so let's just cut them off when treatment is done and walk away". But you don't get very far if you just blame the victim of your actions and say they were unlucky 1%, fuck 'em.

And by "very far", I mean, you encourage people to become heroine addicts. Then you get to receive money for dealing with their overdoses because heroine is cheap, but unregulated so people tend to get incorrect dosage. If only they had more will power, they'd not be that 1%. I mean, that's how addiction works, right? And it's not easy, so they must have worked for it, so they have it coming to them.

Can I drip the sarcasm any harder?

The media correctly reported Trump's figure (actually 1475, you exaggerate) in that case. If they had used numbers from the Obama administration (for the "first half of FY 2016"), it would have been 4156 "lost children."

You seem to think there is some HIPPA requirement that prevents publishing medical data for research purposes - take a look here:

The HIPAA Privacy Rule establishes the conditions under which protected health information may be used or disclosed by covered entities for research purposes. Research is defined in the Privacy Rule as, “a systematic investigation, including research development, testing, and evaluation, designed to develop or contribute to generalizable knowledge.” See 45 CFR 164.501. A covered entity may always use or disclose for research purposes health information which has been de-identified (in accordance with 45 CFR 164.502(d), and 164.514(a)-(c) of the Rule)

De-identifying health information is as simple as removing patient name, birth date, and any other non-medically relevant identifier before publishing the data.

The HIPAA Privacy Rule establishes the conditions under which protected health information may be used or disclosed by covered entities for research purposes. Research is defined in the Privacy Rule as, “a systematic investigation, including research development, testing, and evaluation, designed to develop or contribute to generalizable knowledge.” See 45 CFR 164.501. A covered entity may always use or disclose for research purposes health information which has been de-identified (in accordance with 45 CFR 164.502(d), and 164.514(a)-(c) of the Rule)

Source: Health Information Privacy

Ignorance of the HIPPA regulations is fueling much of the backlash this proposed federal regulation change is attracting.

Once the data is "de-identified" it can be published, and removing identifying elements is trivial.

Except that Facebook would quickly become a covered entity if they did this. They would be awfully close to a 'Health Care Clearinghouse'

They would not be a clearinghouse. Clearinghouses perform processing of information on behalf of other organizations. This means that they receive health data from a covered entity such as a healthcare provider, process the information On behalf of the other entities, and return it.

Even if they got a pass on that, they would certainly be a 'business associate' which are generally bound by HIPAA rules.

First of all... Facebook would probably have the research project's legal organization created under a 3rd party organization separate from Facebook that has a data sharing agreement with FB and other agreements with Hospitals; which would explain potential reasons for "hashing", "anonymization", and "matching", so FB isn't directly sharing information with hospitals.

Second: You are not a business associate unless your organization signs a BAA, and i'm pretty sure there's no way Facebook would sign a BAA on their users.

You're only required to sign a BAA contract if your entity processes or receives information on behalf of the other entity in a manner that involves you receiving or having access to receive protected health information from that entity.

If you're a data broker or you're in possession of unprotected information, such as personal health data or other personal info a user allowed you to collect under a ToS or different rules ---- you don't need a BAA to provide a service where there's a one-way data flow, and you provide a covered entity access to the unprotected information in your possession but don't gain access to any PHI.

In that case you are not working on behalf of or gaining access to the PHI which is under the care and protection of the covered entity.

https://www.hhs.gov/hipaa/for-...

      A “business associate” is a person or entity, other than a member of the workforce of a covered entity, who performs functions or activities on behalf of, or provides certain services to, a covered entity that involve access by the business associate to protected health information.

The HIPAA Rules generally require that covered entities and business associates enter into contracts with their business associates to ensure that the business associates will appropriately safeguard protected health information.

  The business associate contract also serves to clarify and limit, as appropriate, the permissible uses and disclosures of protected health information by the business associate, based on the relationship between the parties and the activities or services being performed by the business associate. A business associate may use or disclose protected health information only as permitted or required by its business associate contract or as required by law.

Except that Facebook would quickly become a covered entity if they did this. They would be awfully close to a 'Health Care Clearinghouse'

They would not be a clearinghouse. Clearinghouses perform processing of information on behalf of other organizations. This means that they receive health data from a covered entity such as a healthcare provider, process the information On behalf of the other entities, and return it.

Even if they got a pass on that, they would certainly be a 'business associate' which are generally bound by HIPAA rules.

First of all... Facebook would probably have the research project's legal organization created under a 3rd party organization separate from Facebook that has a data sharing agreement with FB and other agreements with Hospitals; which would explain potential reasons for "hashing", "anonymization", and "matching", so FB isn't directly sharing information with hospitals.

Second: You are not a business associate unless your organization signs a BAA, and i'm pretty sure there's no way Facebook would sign a BAA on their users.

You're only required to sign a BAA contract if your entity processes or receives information on behalf of the other entity in a manner that involves you receiving or having access to receive protected health information from that entity.

If you're a data broker or you're in possession of unprotected information, such as personal health data or other personal info a user allowed you to collect under a ToS or different rules ---- you don't need a BAA to provide a service where there's a one-way data flow, and you provide a covered entity access to the unprotected information in your possession but don't gain access to any PHI.

In that case you are not working on behalf of or gaining access to the PHI which is under the care and protection of the covered entity.

https://www.hhs.gov/hipaa/for-...

      A “business associate” is a person or entity, other than a member of the workforce of a covered entity, who performs functions or activities on behalf of, or provides certain services to, a covered entity that involve access by the business associate to protected health information.

The HIPAA Rules generally require that covered entities and business associates enter into contracts with their business associates to ensure that the business associates will appropriately safeguard protected health information.

  The business associate contract also serves to clarify and limit, as appropriate, the permissible uses and disclosures of protected health information by the business associate, based on the relationship between the parties and the activities or services being performed by the business associate. A business associate may use or disclose protected health information only as permitted or required by its business associate contract or as required by law.

Thanks to Obamacare, in civilized states, everyone pays the same price for insurance regardless of pre-existing status.

Are you suggesting that 62% of the States aren't civilized? That's how many had premiums double since 2013. Most of the rest that didn't double still saw an increase.

https://www.hhs.gov/about/news...

Yes, we need to reform healthcare funding, but the ACA definitely wasn't the solution.

No, actually you are mostly incorrect. HIPAA allows law enforcement quite a bit of leeway. Yes, they have to jump through a couple of hoops. No, it's not particularly difficult.

A HIPAA covered entity also may disclose PHI to law enforcement without the individual’s signed HIPAA authorization in certain incidents, including:

To report PHI to a law enforcement official reasonably
able to prevent or lessen a serious and imminent threat to the health or safetyof an individual or the public.

To report PHIthat the covered entityin good faith believes to be evidence of a crime thatoccurred on the premises of the covered entity
To alert law enforcement to the death of the individual when there is a suspicion that death resulted from criminal conduct.

When responding to an off-site medical emergency, as necessary to alert law enforcement to criminal activity.

To report PHI to law enforcement when required by law to do so (such as reporting gunshots or stab wounds).

To comply with a court order or court ordered warrant, a subpoena or summons issued by a judicial officer, or an administrative requestfrom a law enforcement official (the administrative request must include a written statement that the information requested is relevant and material, specific and limited in scope, and de-identified information cannot be used).

To respond to a request for PHI for purposes of identifying or locating a suspect, fugitive,material witness or missing person, but the information must be limitedto basic demographic and health informationabout the person.

To respond to a request for PHI about an adult victim of a crime whenthe victim agrees (or in limited circumstances if the individual is unable to agree). Child abuse or neglect may be reported, without a parent’s agreement, to any law enforcement

https://www.hhs.gov/sites/defa...

* HIPAA https://www.hhs.gov/hipaa/inde...

Patients may initiate communications with a provider using e-mail. If this situation occurs, the health care provider can assume (unless the patient has explicitly stated otherwise) that e-mail communications are acceptable to the individual.

- Link

You can't do that if they communicated using a web form.

So, 35 people died from disease. How many died from injecting toxic chemical cocktails together with viruses? No, right, keep forgetting; we're not allowed to do research on that.

There is a lot or research of the effectiveness and dangers of all of the vacines we are talking about. Heck the U.S. Department of Health and Human Services even has a website for tracking reactions in the US: https://vaers.hhs.gov/

Of course, if you believe that everyone in the industry and the HHS is "in on it" then there probably isn't much I could do to help convince you. It does seem like people working in "big pharma" as well as for the HHS seem to believe their own "propaganda" since they seem to have high rates of immunization of their kids, unless you think they are using the "safe stuff" and sticking the "toxic chemical cocktails" into the rest of us. Or maybe they just hate kids in general.

Sure. It's pretty easy to find good stats on the topic from CDC and NHS going back a couple decades.
I pulled a few links together, but that's always tricky for people on the Internet... what is your definition of "non-biased"? I encourage you to go search around yourself if you have doubts... there's a whole lot of data, from a whole lot of countries, and it is all pretty consistent.

CDC numbers for 2015 are here. 41% had full heterosexual intercourse. Rates of oral sex and hand jobs are higher. Numbers for homosexual sex are much harder to come by. The cites for the studies are in the summary report.

I suppose least biased, most obvious stats are CDC numbers on teen pregnancy and STD spread. Those are relatively low and falling for the last decade, but they provide a minimum threshold. 22 pregnancies per 1000 women in 2015. That's a pretty small percentage (0.2%)... but it is also a record low. Backing up to 2007, back then it was 80 per 1000. 1991 was 116 per 1000, according to US HHS. The trend has been downward as contraception becomes more accessible. Does anyone really think the sex rate has been going down during the same window? :-). The percentages are not evenly distributed. You can find teen pregnancy rates over 1% in some parts of Texas and the southern USA. So that's a bare minimum.

There's plenty of researchers who work on this, and their numbers largely agree: by the time their 19, well over half, usually around 3/4, have had oral sex. Full intercourse is usually lower. These numbers hold in the USA, in Britain, in Austrailia, in France... I'm less aware of other cultures, but, frankly, humans are humans. I bet the numbers hold... there's a reason we used to get married commonly at 14 (men and women).

If you want something more direct, go do interviews on college campuses about their HS experiences. You can put your own numbers together pretty quick.

Sounds like a bill based on an understanding of science from people who've never worked in a scientific field. All research affected by HIPAA would be banned by this bill. Which is the majority of medical research. All research involving external sources of proprietary data - which no researchers like using, but sometimes you have no choice - would also be banned.

no
HIPAA provides for anonymizing records for research heres the guidelines https://www.hhs.gov/hipaa/for-...

And furthermore, not all research is reproducible. "Hey, I just detected the highest energy cosmic ray collision ever in my detector, here's my paper showing proof of the detection!"

If the EPA wants to regulate cosmic rays let me know I need a laugh. Anything that will need regulation will inherently be reproducible if it's not it's B.S. not science.

Nice try.

Your Anonymized Health Care Data is already available and HIPAA Compliant.
https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html
There are no restrictions on the use or disclosure of de-identified health information. De-identified health information neither identifies nor provides a reasonable basis to identify an individual.
I don't see this as being any different.
Actually it is different: they are not tracking YOU, they are tracking the UBER driver's car.

They meet the federal definiiton of homeless students.
https://www.acf.hhs.gov/sites/...

They are discussing students, so they are likely using the definition of homelessness found within the McKinney-Vento Act. For more info see: https://www.acf.hhs.gov/sites/default/files/ecd/homelessness_definition.pdf

86% of that budget is medicare & medicaid ... which feeds and houses no one. In fact if you actually look at the budget, http://www.hhs.gov/sites/defau... you'll see almost nothing goes to feeding and housing.... that answer your question ?

I looked up this point. http://www.hhs.gov/healthcare/... The ACA banned these limits, unless you have a grandfathered in plan. And I would assume those grandfathered plans ran out before 2016. And there is the ability to put limits on non-essential healthcare.

From the HHS website:

Lifetime & Annual Limits

The Affordable Care Act prohibits health plans from putting annual or lifetime dollar limits on most benefits you receive.

Lifetime Limits
Thanks to the Affordable Care Act, lifetime limits on most benefits are prohibited in any health plan or insurance policy. Previously, many plans set a lifetime limit — a dollar limit on what they would spend for your covered benefits during the entire time you were enrolled in that plan. You were required to pay the cost of all care exceeding those limits.

Annual Limits
The Affordable Care Act bans annual dollar limits that all job-related plans and individual health insurance plans can put on most covered health benefits. Before the health care law, many health plans set an annual limit — a dollar limit on their yearly spending for your covered benefits. You were required to pay the cost of all care exceeding those limits.

So the point remains - there are no annual or lifetime limits allowed by law.

What this suggests is that Barlow is pursuing medically questionable treatments that insurance won't cover, and is asking everybody to pay for his experimental medical journey. Good luck to him, but I'm having trouble mustering a lot of sympathy for his financial straits.

I've just helped get my mother in law (who recently immigrated from Russia) a health care plan... I've been eyeballs-deep in health plan fine print, and there are very reasonable out-of-pocket annual limits on all of these plans, so I'm not exactly sure how he's managing to financially ruin himself, when my mother in law (who is a retired office worker on a ~250 dollar per month russian pension) can get health care that offers her something like a 5k yearly out of pocket maximum. For a lawyer, 5k yearly should not mean financial ruin. My wife and I have decent IT jobs, and support our two kids plus her parents, and 5k yearly wouldn't be ruin for us.

They could tell because there were several pages requiring signatures, and they were all exactly the same.

Remotely plausible... But only if the recipient is already suspicious. Which they probably were after you discussed the printing vs. e-signing with them.

They can also tell by the size/speed of the transfer.

Nonsense. You made this up.

As much as hospitals charge, do you seriously believe that they aren't staffed up enough to detect fax cheaters?

Let me tell you a story, that happened to me. I had a dedicated fax-line, its number differing from that of some medical office in another state only by the area code. Guess what? Incorrectly dialed faxes — from hospitals and other medical offices — would end up in my computer (been using Hylafax for 20 years now) a couple of times per week. PHI be damned — I got medical histories and exam results of total strangers.

Now, this was before HIPAA, but medical information was already a big deal — and yet, these much-charging organizations could not be bothered to properly verify fax-numbers... Dedicating resources/training to catch — not cheaters — people not wishing to waste paper is not going to happen...

Some industries have more stringent reporting requirements than others.

For example, the U.S. Department of Health and Human Services Office for Civil Rights maintains a site where they post any personal healthcare information breaches affecting 500 or more individuals.

...contain my "medical data", protected by HIPPA...

Sorry, no donut. HIPAA (Health Insurance Portability and Accountability Act, not HIPPA,) and HITECH have specific exemptions for legal and law enforcement uses of such data. HHS FAQ on the matter. And HIPAA refers only to how providers and other covered entities secure your data, not when the data is turned over to you, the patient. Double no donut.

To the main meat of the matter: What gives law enforcement the right to use dogs to detect otherwise legal items? It's not the USB or SD card whose possession is unlawful. Now you show me a dog who can hit on child pornography data, or terrerism evidences, consistently.... That would be some dog.

Not unlike HIPAA. Lots of noise, not too many actual fines or actions.

Uh, what? You clearly don't work in healthcare or you'd know about alll the breaches and reporting rules and all of the fines levied by HHS.

You'd think you could at least do a cursory Google search before spouting off about subjects you're completely uneducated on.

Not unlike HIPAA. Lots of noise, not too many actual fines or actions.

Uh, what? You clearly don't work in healthcare or you'd know about alll the breaches and reporting rules and all of the fines levied by HHS.

You'd think you could at least do a cursory Google search before spouting off about subjects you're completely uneducated on.

If John in IT says no you cant have your ipad on the network then its FUCKING NO!

No iPads but plenty of Microsoft Windows workstations? In a post about ransomware? That's the worst example in history. I wish I could replace every single Windows PC with an iPad. We'd never have another malware infection again.

What is needed is HIPPA regs appended so that the guys in charge of the hospital making the most money are PERSONALLY RESPONSIBLE for any data breaches or attacks. If this is done suddenly IT will be allowed to do their job and isolate critical systems from easy attack vectors.

Won't stop a nurse from giving her password to someone else. What you do is hold the clinician accountable, which is exactly what HITECH does.

What? As somebody with a chronic disease, I see lots of doctors and haven't had this once. If they do something like this then they're blatantly breaking the law, because HIPAA explicitly guarantees you the right to have access to your own records, in addition to you being allowed to control who else can or can't access them.

http://www.hhs.gov/hipaa/for-p...

since the records have already been submitted to a third party (a state's Prescription Drug Monitoring Program) that patients no longer enjoy an expectation of privacy.

I don't buy into this bullshit normally, since people generally leave their information with third parties because they trust the third party will keep it in confidence. This case has the added force of law behind it -- HIPAA was written specifically to ensure that medical records are not passed around without the patient's consent.

...or so, any normal person would believe.

Unfortunately, it appears in this case, the DEA is correct. There is a specific exemption in HIPAA for administrative requests:

When does the Privacy Rule allow covered entities to disclose protected health information to law enforcement officials?

To respond to an administrative request, such as an administrative subpoena or investigative demand or other written request from a law enforcement official. Because an administrative request may be made without judicial involvement, the Rule requires all administrative requests to include or be accompanied by a written statement that the information requested is relevant and material, specific and limited in scope, and de-identified information cannot be used (45 CFR 164.512(f)(1)(ii)(C)).

Do you realize that nearly every modern study on the safety of vaccinations is invalid?

Nearly every study conducted uses the VAERS data - this data is scientifically worthless.
https://vaers.hhs.gov/index

You see, it's not mandated reporting. When reactions occur, even ones documented as potential reactions to a given vaccine, doctors will refuse to report it. Most doctors dismiss nearly any claim or concern of potential reactions out of hand. Responding, that incidents are rare. Of course, the basis for that statement is the VAERS data, which as we've just stated is not being reported to by doctors. And why would doctors not report such incidents?

1. Normalcy bias, they are indoctrinated that vaccines are safe, they have been told they are and so they believe they are. And most of them, most of the time... ARE...but not always.

2. Doctors receive a lot of kickbacks and perks from big pharmaceutical corporations. Who wants to lose those?

3. Wait, I am a doctor, I am already paying a small fortune in malpractice insurance. Why would I ever optionally report an incident with a vaccine I have administered and put me at risk for a lawsuit. When I can simply say its not the vaccine and move on.

The truth is, vaccines cause way more incidents than are documents. Incidents may even be occurring which we do not even have associated. Many of the outbreaks are NOT due to anti-vaxxers. Think about it., most kids have been vaccinated. In most of the country you cannot attend school if you have not (yes, exceptions are available, religious waivers, etc. but these are in fact rarely used).

But but....but I saw an article that stated the individuals were not vaccinated. No...they just couldn't provide records of the vaccinations. Most parents would have a tough time coughing up copies of records for the nearly hundred vaccinations their kids have received. Lack of record, doesn't mean they weren't vaccinated. Was there a waiver on file with the school? Nope? Oh, then they probably were in fact vaccinated, or they wouldn't be in the school.

Okay, so what's really going on with these outbreaks of old diseases? Well consider this scientific principal....viruses evolve. Many of our vaccines were originally formulated decades ago. Meanwhile, every year these virus have altered themselves. Eventually they diversify enough that the old vaccines are less effective against new strains. Oh , but if that's the case why wouldn't they create a new vaccine?

One, we have millions of doses stockpiled. Admitting that their efficacy is reduced and they need to be replaced, would require the disposal of all those doses. That's a significant financial loss.
http://cid.oxfordjournals.org/...

Second, it's a long and laborious process to get a new vaccine formulation approved. MMR has it's roots in a 1968 development formulation. That is almost 50 years, which in the life span of a virus is like tens of thousands of years.

It's far easier to claim that the outbreak is due to anti-vaxxers who weren't vaccinated. Then to initiate what would amount to disposal and re-formulation at the costs of billions of dolars.

$
$$$
$$$$$

Does this mean I oppose vaccines. Heck no, but many of those claiming science, are about as much BS as the anti-vaxxers. And the truth is, children are hurt and die from vaccinations, and were we more honest, we could greatly reduce the quanity and risk of such incidents.

Regarding "Herd Immunity"

Herd immunity protects the following:

1. Anti-vaxxers who did not take the vaccine, and never are encounter it because it's largely been eradicated for their community.

2. Children and immuno-compromised individuals who have not had the vaccine or who's immune systems are no longer functioning.

Herd immunity is irrelevant to the vaccinated. If your children are vaccinated, and there are outbre

Do you realize that nearly every modern study on the safety of vaccinations is invalid?

Nearly every study conducted uses the VAERS data - this data is scientifically worthless.
https://vaers.hhs.gov/index

You see, it's not mandated reporting. When reactions occur, even ones documented as potential reactions to a given vaccine, doctors will refuse to report it. Most doctors dismiss nearly any claim or concern of potential reactions out of hand. Responding, that incidents are rare. Of course, the basis for that statement is the VAERS data, which as we've just stated is not being reported to by doctors. And why would doctors not report such incidents?

1. Normalcy bias, they are indoctrinated that vaccines are safe, they have been told they are and so they believe they are. And most of them, most of the time... ARE...but not always.

2. Doctors receive a lot of kickbacks and perks from big pharmaceutical corporations. Who wants to lose those?

3. Wait, I am a doctor, I am already paying a small fortune in malpractice insurance. Why would I ever optionally report an incident with a vaccine I have administered and put me at risk for a lawsuit. When I can simply say its not the vaccine and move on.

The truth is, vaccines cause way more incidents than are documents. Incidents may even be occurring which we do not even have associated. Many of the outbreaks are NOT due to anti-vaxxers. Think about it., most kids have been vaccinated. In most of the country you cannot attend school if you have not (yes, exceptions are available, religious waivers, etc. but these are in fact rarely used).

But but....but I saw an article that stated the individuals were not vaccinated. No...they just couldn't provide records of the vaccinations. Most parents would have a tough time coughing up copies of records for the nearly hundred vaccinations their kids have received. Lack of record, doesn't mean they weren't vaccinated. Was there a waiver on file with the school? Nope? Oh, then they probably were in fact vaccinated, or they wouldn't be in the school.

Okay, so what's really going on with these outbreaks of old diseases? Well consider this scientific principal....viruses evolve. Many of our vaccines were originally formulated decades ago. Meanwhile, every year these virus have altered themselves. Eventually they diversify enough that the old vaccines are less effective against new strains. Oh , but if that's the case why wouldn't they create a new vaccine?

One, we have millions of doses stockpiled. Admitting that their efficacy is reduced and they need to be replaced, would require the disposal of all those doses. That's a significant financial loss.
http://cid.oxfordjournals.org/...

Second, it's a long and laborious process to get a new vaccine formulation approved. MMR has it's roots in a 1968 development formulation. That is almost 50 years, which in the life span of a virus is like tens of thousands of years.

It's far easier to claim that the outbreak is due to anti-vaxxers who weren't vaccinated. Then to initiate what would amount to disposal and re-formulation at the costs of billions of dolars.

$
$$$
$$$$$

Does this mean I oppose vaccines. Heck no, but many of those claiming science, are about as much BS as the anti-vaxxers. And the truth is, children are hurt and die from vaccinations, and were we more honest, we could greatly reduce the quanity and risk of such incidents.

I know more people working 40+ hours / week who earn below the poverty line

Do you know what the Federal Poverty Line is?

The Federal Poverty Level is $11,880 for an individual, $20,160 for a family of three - dividing that by 2,000 hours of work (50 weeks of 40 hour "full-time" employment = 2,000 hours) puts your friends at either $5.94/hr or $10.80/hr.

These workers are at the very bottom of the income spectrum, based on federal law that makes it a crime to pay a worker less than $7.25/hr.

The first blood has already been shed.

Not only did the hospital IT fail, there are federal policies that are made to help protect against this. A hospital should be doing a risk assessment annually, and is required to document why specific remediation weren't followed per HIPAA. 164.306 is very clear on this all; even the policies that are "addressable" still require them to "Document why it would not be reasonable and appropriate to implement the implementation specification;"

They could be hit with "civil money penalties" of "$50,000 for each violation", and this can be " a separate violation occurs each day the covered entity or business associate is in violation of the provision. " The ONLY thing that might save the hospital is that PHI hasn't actually been exposed. Source

Wage trends in China indicate the "race to the bottom" is actually a race to the middle.

That's only if you define "the middle" as being really close to the bottom. According to the article that you linked, the average income in China has risen from 21001 CNY in 2011 to 57361 CNY in 2014. But 57361 CNY is less than $9000. Do you consider a wage of $9000 per year as "the middle"? The official definition of poverty in the United States is $11770 for a single person living alone. See

https://aspe.hhs.gov/2015-poverty-guidelines

Wrong. The Affordable Care Act (some call it Obamacare) is administered by the Health and Human Services Department.

If you work in HIPAA compliance, you might want to read over the actual document again. Encryption is not "Required", but only "Addressable". This is followed up by "reasonable and appropriate” for Addressable items, including documentation on why the Covered Entity didn't feel the Addressable was needed. This is from a governmental site, and the answer is "no". If this data was supposed to always stay in-house, then per 45 CFR 164.312(a)(2)(iv) and (e)(2)(ii) that fact alone is probably good enough for them to not get fined.

I'm in no way saying not having it encrypted is a good idea; this seems to be a case that their required risk assessment failed in the worst way. Or perhaps there never was any risk assessment done for this particular project; TFA and the Reuters article are both quite vague and information on what actually happened is pretty missing.

If you work in HIPAA compliance, you might want to read over the actual document again. Encryption is not "Required", but only "Addressable". This is followed up by "reasonable and appropriate” for Addressable items, including documentation on why the Covered Entity didn't feel the Addressable was needed. This is from a governmental site, and the answer is "no". If this data was supposed to always stay in-house, then per 45 CFR 164.312(a)(2)(iv) and (e)(2)(ii) that fact alone is probably good enough for them to not get fined.

I'm in no way saying not having it encrypted is a good idea; this seems to be a case that their required risk assessment failed in the worst way. Or perhaps there never was any risk assessment done for this particular project; TFA and the Reuters article are both quite vague and information on what actually happened is pretty missing.

You all seem to be missing that the 100,000 Genome project is based in the UK, not the US. US insurance policy won't affect her. Even if she emigrated to the US later in life, the "Pre-existing conditions" copout has been removed under the Affordable Care Act (ACA, or Obama care).

Being jaded and conspiratorial may make you feel cool, but at least make sure you've got your basic facts right first. Otherwise you just look like a stark raving fool.

Any organization or individual bound by HIPAA

Incorrect. Quoting from Health and Human Services own website on HIPAA: "The HIPAA Privacy Rule establishes national standards to protect individualsâ(TM) medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically."

HIPAA is no joke and it's taken very seriously in the healthcare industry because the government can and does levy massive fines every year for violations.

Indeed they do, and those in the health care industry do take it very seriously, as it applies to them. But not to those outside it.

HIPAA provides zero privacy from the government.

Summary of the HIPAA Privacy Rule

No release needed as HIPPA explicitly allows a variety of government agencies to access your health data. Here's one(of twelve) exceptions:

A covered entity also may use or disclose, without an individuals’ authorization, a limited data set of protected health information for research purposes (see discussion below).

Yes, your criminal organization has different requirements than an honest business,

You're saying HIPAA compliance is criminal, are you? You're saying that protecting client/lawyer confidentiality is criminal, are you?

I don't think you've thought this out very far...