Slashdot Mirror
Database Records and "In Plain Sight" Searches
chriswaco writes "A federal appeals court ruled that database records are not 'in plain sight' when other records in the same database are subpoenaed. The case involved Major League Baseball drug test results, but the implications are far wider."
Surely you are jesting.
The ruling is really about data and I don't think that a baseball story needs to attract a few tech geeks and lawyers to increase banner ad revenue.
Personally, I am a bit reassured that there is such a ruling, because it gives some protection against a cop obtaining a warrant to get some data and issuing the wrong sql query that brings too much data including mine (or the tech guy asked to do it that does not refine the query enough, or just give a report that has the relevant data in it and then some not relevant etc.).
Oh yeah, a much better article on Wired! Despite the bad link and very short summary, it is still an important issue. They key is that they say "Ideally, when searching a computerâ(TM)s hard drive, the government should cull the specific data described in the search warrant, rather than copy the entire drive, the San Francisco-based appeals court ruled. When thatâ(TM)s not possible, the feds must use an independent third party under the courtâ(TM)s supervision," So basically, they had a warrant for 10 drug results, but happened to find 104 results, and took them all. This ruling is a good one in my eyes. Now, they keyword I see there is "ideally", which seems to mean it could be stretched both ways by a smart lawyer, but still overall good stuff.
"It's ok, I'm completely secure as long as my iron is off"
On the Privacy rule, from HIPAA's own web site:
Who Is Not Required to Follow This Law
Many organizations that have health information about you do not have to follow this law.
Examples of organizations that do not have to follow the Privacy Rule include:
* life insurers,
* employers,
* workers compensation carriers,
* many schools and school districts,
* many state agencies like child protective service agencies,
* many law enforcement agencies,
* many municipal offices.
Once your employer has your health information, they are not bound to the Privacy Rule.
I'm not saying HIPAA is all bad, but a lot of people have the misconception that the "P" in HIPAA stands for Privacy and that HIPAA is designed solely to protect them. Neither of which is true.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
>>>"Hello, I'm a constituent, and I'd like to talk to [ my rep ] about technical issues being proposed / in the news / reflecting the upcoming election.
>
Several times. They just don't listen. For example I spoke to my Senator about the DTV conversion, and how the power levels were set too low for VHF channels 6, 8, 10, 11, and 13 such that they could not be received with the indoor antennas most viewers use. He thanked me and then promptly did nothing.
Next I talked to him about Comcast's monopoly and how it is working to "lock up" television programming (cable shows) behind walls, such that only Comcast subscribers could access them, but not Verizon subscribers (like me). He gave told me he supports net neutrality and that's why he's not going to interfere with Comcast's running of its business and he sees nothing wrong with the practice. (Huh?) I later checked and found he gets million from Comcast in contributions.
And of course I've witnessed what's happening with the townhalls, where he basically told the people he's not listening to their cries to "leave my healthcare alone". He's taken a Nixon-like tactic of saying there's a silent majority and he's serving them. (I would argue if such a majority existed, it should speak up not be silent.)
Democracy doesn't work if the reps refuse to hear what we're saying.
"I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall