Healthcare.gov Sends Personal Data To Over a Dozen Tracking Websites

← Back to Stories (view on slashdot.org)

Healthcare.gov Sends Personal Data To Over a Dozen Tracking Websites

Posted by Soulskill on Wednesday January 21, 2015 @01:14AM from the a-bit-too-standard dept.

An anonymous reader tips an Associated Press report saying that Healthcare.gov is sending users' personal data to private companies. The information involved is typical ad-related analytic data: "...it can include age, income, ZIP code, whether a person smokes, and if a person is pregnant. It can include a computer's Internet address, which can identify a person's name or address when combined with other information collected by sophisticated online marketing or advertising firms." The Electronic Frontier Foundation confirmed the report, saying that data is being sent from Healthcare.gov to at least 14 third-party domains.

The EFF says, "Sending such personal information raises significant privacy concerns. A company like Doubleclick, for example, could match up the personal data provided by healthcare.gov with an already extensive trove of information about what you read online and what your buying preferences are to create an extremely detailed profile of exactly who you are and what your interests are. It could do all this based on a tracking cookie that it sets which would be the same across any site you visit. Based on this data, Doubleclick could start showing you smoking ads or infer your risk of cancer based on where you live, how old you are and your status as a smoker. Doubleclick might start to show you ads related to pregnancy, which could have embarrassing and potentially dangerous consequences such as when Target notified a woman's family that she was pregnant before she even told them. "

127 of 204 comments (clear)

Min score:

Reason:

Sort:

Who expected differently? by Anonymous Coward · 2015-01-21 01:18 · Score: 2, Insightful

You didn't need to be a drooling FoxNews zombie to see that Healthcare.gov was a bad idea.
1. Re:Who expected differently? by Anonymous Coward · 2015-01-21 02:39 · Score: 1, Interesting
  
  no, but you needed to not be a drooling MSNBC idiot. Granted their viewership is under a 600K people so I wonder how the hell this idiot get elected president
  He's the right color so the greatest PR money could buy convinced tons of poor innercity blacks that this Harvard law professor really understands what life is like in the ghetto, is truly one of their own, and really wants to help them gain opportunities and is not a member of the monied political class at all. Automatically getting about 13% of the vote is a great start to any campaign, that plus the approximately 50% who vote Democrat anyway and you get to be president.
  Till we actually have a colorblind society and stop playing groups against each other divide-and-conquer style, expect more of the same. The goal is that something other than reason and fitness for the job become the main voting criteria. They do it because it still works. Oh and anybody who thinks a candidate endorsed by either major party is going to really change the status quo is just plain stupid. The purpose of the major parties is to maintain the status quo and see that it changes only very slowly, with only major movements backed up by tremendous perserverence (i.e. women's suffrage, the Civil Rights Movement) able to actually change anything, that way the various monied interests that put candidates into office feel like their investments are protected. It isn't about representing you at all.
2. Re:Who expected differently? by jandersen · 2015-01-21 03:18 · Score: 4, Interesting
  
  You didn't need to be a drooling FoxNews zombie to see that Healthcare.gov was a bad idea.
  But the reason it is a bad idea is not that all government does is bad - rather this illustrates why things like this should be managed by a body that is guaranteed to not be in bed with business and is stricly regulated. Whether or not this can be called corruption in the legal sense, it certainly is morally corrupt.
3. Re:Who expected differently? by Anonymous Coward · 2015-01-21 04:12 · Score: 1
  
  "Till we actually have a colorblind society and stop playing groups against each other"
  Never going to happen -- there is just too much power and money to be made in dividing people into groups and pitting them against each other - and not always in a deathmatch style. You just need to convince a group that they are special or deserve something another group has....rinse and repeat per group.
4. Re:Who expected differently? by Anonymous Coward · 2015-01-21 04:32 · Score: 2, Interesting
  
  There is no such thing as "a body that is guaranteed to not be in bed with business."
  Also, "strictly regulated" often just means "whitewashed by some taxpayer-funded agency with no teeth."
  Rather than "strictly regulated" we need "transparent and publicly accountable" in order to resist corruption.
5. Re:Who expected differently? by Anonymous Coward · 2015-01-21 06:03 · Score: 1
  
  They don't? When did that stop?
6. Re:Who expected differently? by Tailhook · 2015-01-21 06:24 · Score: 5, Informative
  
  Because Dems don't look to their angry leftist commentators to be told how to think?
  Sharpton's regular broadcast just started as I read your bullshit. I listen to his hate mongering on WVON out of Chicago. You have no idea what you're talking about.
  The callers are the best part. They've all been filled with hate from birth and many of them want violence.
  
  --
  Maw! Fire up the karma burner!
7. Re:Who expected differently? by Archangel+Michael · 2015-01-21 06:58 · Score: 2
  
  Tell me, when is Government not in bed with business? Crony Capitalism is no better than a corrupt Bureaucracy that targets citizens, instead of serving them.
  Government isn't the solution to problems, it is largely responsible for them. Here is the process.
  People complain about problem, government "Fixes" the problem, but generates three new problems. Repeat.
  And fixing the problems government creates is as simple as raising taxes and giving the money away to voters. All those programs and shit that we spend inordinate amounts of money on, are not solving the problems they were created for. War on Poverty/Great Society hasn't stopped poverty, and from the looks of it (where I am) it is actually worse now than I have ever seen since Jimmy Carter.
  But you all keep believing government is going to solve the problems it created, but I think that is pure insanity.
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
8. Re:Who expected differently? by vux984 · 2015-01-21 09:11 · Score: 1
  
  He's the right color so the greatest PR money could buy convinced tons of poor innercity blacks that this [successful person] really understands what life is like in the ghetto, is truly one of their own, and really wants to help them gain opportunities and is not a member of the monied political class at all. Automatically getting about 13% of the vote is a great start to any campaign, that plus the approximately 50% who vote [Republican] anyway and you get to be president.
  It's so simple, kids, and that's why we have President Herman Cain. And its why all the last six presidents have been black. black vote + 50% partisan vote... its just an unbeatable combo.
  Nice theory you got there, but reality turns out to be just a little more complicated. Now if voters were frictionless spheres in a vaccuum... then maybe you'd have something.
9. Re: Who expected differently? by NickGnome · 2015-01-21 18:07 · Score: 1
  
  "things like this should be managed by a body that is guaranteed to not be in bed with business and is stricly regulated."
  ...
  "There is no such thing as 'a body that is guaranteed to not be in bed with business'."
  A dead body might be in bed with a business, and yet not corrupt (or perhaps you were thinking about Obummer's and Shrub's Communist Corpse effort to pervert education, now there's a corrupt body). But experience shows that any other body -- government or business -- in such a scheme is virtually certain to be corrupt... in the immediate sense of demanding and then spreading around personal private data.
10. Re:Who expected differently? by jandersen · 2015-01-21 22:14 · Score: 1
  
  Tell me, when is Government not in bed with business?
  I don't know. I think a better question is HOW: how can we achieve that? I'm all for free market and enough inequality to drive people's ambition to better themselves, but free markets have, without exception, always become corrupted, so they support only monopolies in the end, and inequality tends to grow in the same way: hence the recent news that the richest 1% very own > 50% of all wealth globally.
  Somewhere in the solution to this, democracy looms large, but democracy only works if the overwhelming majority play by the rules, and if everybody actually cares. And, as another answer states, transparency is crucial in ensuring that both of these factors can be realised.
  
  But you all keep believing government is going to solve the problems it created, but I think that is pure insanity.
  Good government CAN solve the problems, but good government does not exist unless people are willing to put in the effort to make it happen.
11. Re:Who expected differently? by lonecrow · 2015-01-22 06:46 · Score: 1
  
  should have went single payer and avoided this hybrid wierdness
Big Brother & Max Headroom all in one. by Z00L00K · 2015-01-21 01:19 · Score: 1

There's nowhere to escape the targeted ads and you can't turn them off.

--
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
1. Re:Big Brother & Max Headroom all in one. by fxsoap · 2015-01-21 08:47 · Score: 1
  
  your only hope is that Adblock Plus will work when your health is involved
Can anyone think of by Anonymous Coward · 2015-01-21 01:20 · Score: 1, Interesting

a bigger fuckup than Obamacare?
1. Re:Can anyone think of by Anonymous Coward · 2015-01-21 01:25 · Score: 1
  
  Slashdot Beta
2. Re:Can anyone think of by B33rNinj4 · 2015-01-21 02:19 · Score: 1
  
  TARP comes to mind.
3. Re:Can anyone think of by l3v1 · 2015-01-21 02:24 · Score: 1
  
  Lehman Brothers...
  
  --
  I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
4. Re:Can anyone think of by Anonymous Coward · 2015-01-21 02:54 · Score: 1
  
  Repealing Glass-Steagall?
5. Re:Can anyone think of by ultranova · 2015-01-21 03:28 · Score: 1
  
  Given that half of the government is trying to actively sabotage Obamacare for ideological reasons, should its problems be considered failures or successes?
  But to answer your question, just wait until Republicans get the presidential seat too. They can't outright repeal Obamacare, since it has already benefited enough people to make that a political suicide, but they can cause "unfortunate fuckups" to slowly erode it away.
  We might be in for stormy weather, with Republicans in the US, various extremist movements rising as people get fed p with austerity in Europe, Islam being used to recruit cannon fodder fodder for various megalomaniacs empire building projects here and there, Chinese government trying to retain dictatorship while its economy starts catching up the rest of the world and the boom consequently fading...
  
  --
  Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
6. Re:Can anyone think of by Jawnn · 2015-01-21 03:45 · Score: 1, Informative
  
  a bigger fuckup than Obamacare?
  You keep using that word. I do not think that it means what you think it means. Unless, of course, you consider the failure to implement a more efficient single-payer system to be a "fuckup". On that, we'd agree, but for the vast majority of Americans, The Affordable Care Act is a net win as is.
7. Re:Can anyone think of by rickb928 · 2015-01-21 06:35 · Score: 1
  
  You can blame the Democrats for that, more than one way:
  Bill Clinton signed this into law.
  S.900 passed the Senate with 52 Republican votes and 38 Democrat votes, and the House with 207 Republican votes and 154 Democrat votes.
  The Republicans did hold a majority in Congress, 223 Republicans, 211 Democrats, one Independent in the House, 55 Republicans to 45 Democrats (mostly) in the Senate.
  Claims that the Republicans passed this would have to ignore the Democrat involvement.
  
  --
  deleting the extra space after periods so i can stay relevant, yeah.
8. Re:Can anyone think of by AK+Marc · 2015-01-21 06:45 · Score: 1
  
  Reagan's 3 treasons. Or the fact that the US people voted in a senile president suffering from dementia.
  
  --
  Learn to love Alaska
9. Re:Can anyone think of by Curunir_wolf · 2015-01-21 06:56 · Score: 1
  
  TARP actually made a profit because in exchange for cash it got shares of the companies it was bailing out. It then sold those shares back for more than the cash it gave out. That plus the companies not going out of business most folks would call a success, not a fuckup.
  It's a "success" if you love the businesses that got TARP money, but a massive failure if you don't. Most businesses that fuckup on such a massive scale end up bankrupt, with assets going up for fire sale prices to people that did NOT fuckup. The fact that most of those businesses also fucked over a lot of OTHER people before getting their massive capital infusion (which they parleyed into even greater profits).
  
  --
  "Somebody has to do something. It's just incredibly pathetic it has to be us."
  --- Jerry Garcia
10. Re:Can anyone think of by Archangel+Michael · 2015-01-21 06:59 · Score: 1
  
  benefited enough people
  It has hurt enough people that it is not suicide.
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
11. Re:Can anyone think of by Archangel+Michael · 2015-01-21 07:05 · Score: 1
  
  Forget Jimmy Carter much? Reagan has as much to do with the failure of Carter as anything. Yeah, Carter, the person that Democrats never remember.
  I blame Republicans for Obama, as much as I blame Clintons (both of them) for Obama. But Democrats were all "hopey and changey" gaga over Obama, that they clearly have the lead on his failures. And keeping Nancy Pelosi "you have to pass it to read it" and Harry Reid as leaders clearly show how much Democrats hate America.
  The Republicans aren't much better keeping Mitch and John in power either.
  GAHHHH I hate both parties almost equally.
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
12. Re:Can anyone think of by tnk1 · 2015-01-21 07:36 · Score: 2
  
  I think we need to break this down.
  Having a business go under is an incredibly shitty thing. You do want to avoid that, if you can.
  The problem is not that these businesses still exist, it's that the people who ran those businesses had no negative impact for running those businesses _badly_. Therefore, bad management and short term thinking is rewarded.
  If there is a structural problem with those businesses, or their product is no longer needed (like buggy whips), I can understand letting them go under. For everything else, it is almost always who is running the business, as opposed to the business itself, which is the problem.
13. Re:Can anyone think of by anagama · 2015-01-21 07:49 · Score: 2
  
  I don't know why people keep calling it Obamacare, it's Nixoncare. http://www.salon.com/2013/10/2...
  Today's democrats make Nixon look like a pot smoking hippie -- they've managed to engage in more war than he did, more massive surveillance than he did, and give away more money to private corporate interests than even GWB managed to do.
  
  --
  What changed under Obama? Nothing Good
14. Re:Can anyone think of by fahrbot-bot · 2015-01-21 07:58 · Score: 1
  benefited enough people
  It has hurt enough people that it is not suicide.
  Citation seriously needed - from a reputable source. On balance, if you investigate this honestly, I suspect you'll find that the ACA has helped more than it has hurt. Sure, some people have had to pay higher premiums, but it is almost always for better coverage, and many people complaining didn't have any insurance, but now have coverage - especially people needing Medicaid. Ironically, people in Red states have benefited more than those in Blue states.
  Here's a citation: Is the Affordable Care Act Working?, from 10/2014, quoting:
  
  Has the percentage of uninsured people been reduced?
  Answer: Yes, the number of uninsured has fallen significantly.
  
  Has insurance under the law been affordable?
  Answer: For many, yes, but not for all.
  
  Did the Affordable Care Act improve health outcomes?
  Answer: Data remains sparse except for one group, the young.
  
  Will the online exchanges work better this year than last?
  Answer: Most experts expect they will, but they will be tested by new challenges.
  
  Has the health care industry been helped or hurt by the law?
  Answer: The law mostly helped, by providing new paying patients and insurance customers.
  
  How has the expansion of Medicaid fared?
  Answer: Twenty-three states have opposed expansion, though several of them are reconsidering.
  
  Has the law contributed to a slowdown in health care spending?
  Answer: Perhaps, but mainly around the edges.
  --
  It must have been something you assimilated. . . .
15. Re:Can anyone think of by Coren22 · 2015-01-21 08:34 · Score: 1
  
  Start requiring that all congressional districts be drawn "as square as possible".
  The funny thing is that often those funky borders come from laws passed by Democrats to try and get minority districts in majority Republican states. It is quite rarely able to be attributed to actual gerrymandering like you are trying to indicate.
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Why? by Anonymous Coward · 2015-01-21 01:20 · Score: 5, Insightful

The only purpose it serves is to completely erase all trust. Who gets fired?
1. Re:Why? by jakimfett · 2015-01-21 04:43 · Score: 4, Interesting
  
  Suggestion: Everyone go report this as a HIPAA violation.
  
  --
  Bits of code, random ramblings: jakimfett.com
2. Re:Why? by Archangel+Michael · 2015-01-21 07:07 · Score: 1
  
  Can you sue the Government over HIPAA violations in ObamaCare? Would Obama let you?
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Wow... Just "no". by pla · 2015-01-21 01:22 · Score: 5, Insightful

In what universe does a government website selling personal info to advertisers count as even remotely fucking acceptable???

This doesn't "raise significant privacy concerns", it sends a great big middle finger to the American public from its own elected officials. I don't care about the "potential" for misuse - I care that someone even considered the possibility of using healthcare.gov to siphon off PII.

Uncle Sam needs to retire.
1. Re:Wow... Just "no". by gstoddart · 2015-01-21 01:30 · Score: 5, Insightful
  
  In what universe does a government website selling personal info to advertisers count as even remotely fucking acceptable???
  One in which some asshole has decided it needs to run for a profit, or on a cost recovery basis ... and with zero regard for patient confidentiality.
  I agree with you, and any sane country with privacy laws would be appalled -- and you'd expect this to violate some HIPAA laws.
  Essentially this demonstrates the problems with analytics -- is some asshole you don't have anything to do with gets to know everything you do and everything about you.
  That's utterly insane, and if it isn't, it should be illegal.
  But somehow it seems that ensuring the profits of corporations is more important than privacy and the act of restricting what corporations do is unthinkable to some.
  
  --
  Lost at C:>. Found at C.
2. Re:Wow... Just "no". by DarkOx · 2015-01-21 01:36 · Score: 5, Insightful
  
  Why are you surprised the entire 'Affordable' care is really just a pile of giveaways to certain monied interests.
  I mean come on the left the private insurance industry in place, while all but forcing the public to buy their product. The left them with the ability to set rates. The only real encouragement for them not gouge, is fear of political back lash AND essentially a government grantee that if they do somehow lose money they will be make whole.
  There essentially no controls on the medical tort industry in it.
  Nothing was done manage increasing drug costs
  The medial device tax, the like one thing that industry might not like, is suspended.
  Piles of money were spent hiring the incompetent to build the exchange.
  The entire thing is theft all the way up and down.
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
3. Re:Wow... Just "no". by jellomizer · 2015-01-21 01:39 · Score: 3, Interesting
  
  Give me a H
  Give me an I
  Give me a P
  Give me an A
  Give me an A
  What does that spell HIPAA
  What does that mean! The government should fine itself!
  I think if the government needs to fine itself, they should refund the money back to the tax payers for services failed to render.
  
  --
  If something is so important that you feel the need to post it on the internet... It probably isn't that important.
4. Re: Wow... Just "no". by gstoddart · 2015-01-21 01:41 · Score: 5, Insightful
  
  In this case, that asshole is a Democrat.
  You're absolutely correct:
  
  The Obama administration says HealthCare.gov's connections to data firms were intended to help improve the consumer experience. Officials said outside firms are barred from using the data to further their own business interests.
  Just fucking wow.
  The stupidity inherent in this choice is beyond belief.
  
  --
  Lost at C:>. Found at C.
5. Re:Wow... Just "no". by Guy+From+V · 2015-01-21 01:45 · Score: 1
  
  Here's a Ycombinator discussion on this very thing...
  https://news.ycombinator.com/i...
6. Re:Wow... Just "no". by BarbaraHudson · 2015-01-21 01:49 · Score: 4, Insightful
  
  In what universe does a government website selling personal info to advertisers count as even remotely fucking acceptable??? This doesn't "raise significant privacy concerns", it sends a great big middle finger to the American public from its own elected officials. I don't care about the "potential" for misuse - I care that someone even considered the possibility of using healthcare.gov to siphon off PII. Uncle Sam needs to retire.
  There is zero evidence that this data is being used for advertising purposes - the article makes a lot of speculation. For example:
  
  to private companies that specialize in advertising and analyzing Internet data for performance and marketing,
  For example, IBM does both - but they also do pretty good data analysis. Would you rather it goes to some 3rd-world country for analysis (because you can be pretty sure it will be sold)?
  Now, I'm not saying there's nothing to see here - but is it just fog that will dissipate in the morning sun or smoke that indicates a fire? Can't tell from the article, because it's almost al speculation and what-ifs.
  
  --
  "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
7. Re:Wow... Just "no". by Gravis+Zero · 2015-01-21 01:51 · Score: 1
  
  I agree with you, and any sane country with privacy laws would be appalled -- and you'd expect this to violate some HIPAA laws.
  That's utterly insane, and if it isn't, it should be illegal.
  i think it actually might be violating HIPAA. someone should be going to jail for this, whether they do or not is a different matter.
  
  --
  Anons need not reply. Questions end with a question mark.
8. Re:Wow... Just "no". by XxtraLarGe · 2015-01-21 01:51 · Score: 2
  
  I think if the government needs to fine itself, they should refund the money back to the tax payers for services failed to render.
  Laws are for other people. When the government does it, it's different. If you think this is bad, just wait until they nationalize the internet under the guise of "net neutrality".
  
  --
  Taking guns away from the 99% gives the 1% 100% of the power.
9. Re:Wow... Just "no". by Actually,+I+do+RTFA · 2015-01-21 01:58 · Score: 2
  
  In what universe does a government website selling personal info to advertisers count as even remotely fucking acceptable???
  Probably the universe where a bunch of assholes insist that the federal government not use in-house personnel to build this website, and instead outsource it to the lowest bidder... who is lowest because they valued and counted on this additional revenue stream?
  
  Uncle Sam needs to retire.
  Uncle Sam needs to get his ass off the bench, and stop outsourcing all it's functionality to private companies who do this shit.
  Now, the government was complicit in allowing this. But I think that if it weren't outsourced to a company attempting to monetize everything, no one would think of this.
  
  --
  Your ad here. Ask me how!
10. Re:Wow... Just "no". by Sir_Substance · 2015-01-21 02:00 · Score: 2
  
  I actually see this not as the fault of elected officials, but the fault of software developers.
  There is something pretty profoundly wrong with our industry. Someone coded this monstrosity. Someone coded prism. Someone coded a backdoor into every linksys router. Apparently, those someones thought their actions were ok enough to not refuse the job, or they feared that if they didn't do it, they'd be fired and someone else would do it anyway.
  We need to take a group stand against unethical software development.
11. Re:Wow... Just "no". by budgenator · 2015-01-21 02:05 · Score: 3, Insightful
  
  They sent the info to 14 different companies,
  HIPAA violation is due to willful neglect and is not corrected, Minimum Penalty, $50,000 per violation, with an annual maximum of $1.5 million; Maximum Penalty, $50,000 per violation, with an annual maximum of $1.5 million;
  is a $1.5M fine going to phase either the USG or that rogue's gallery of internet advertiser's? We probably spend more than $22.5M on brake pads for fighter jets each year.
  
  --
  Apocalypse Cancelled, Sorry, No Ticket Refunds
12. Re:Wow... Just "no". by Anonymous Coward · 2015-01-21 02:09 · Score: 1
  
  I'm sure doubleclick does excellent data analysis as well but they do not do it for your benefit.
  The list of companies in the EFF article are not companies known for data analysis to find patterns resulting in better treatment. They are all companies that do data analysis to sell advertising. Twitter, Yahoo, and Youtube need to know someone is shopping for healthcare? The only one not on the list is facebook (unless they own one of the others).
13. Re:Wow... Just "no". by mrchaotica · 2015-01-21 02:09 · Score: 2, Insightful
  
  There is zero evidence that this data is being used for advertising purposes - the article makes a lot of speculation.
  Bullshit. The fact that the information gets sent at all is prima facie evidence that it's being abused. The burden of proof is on the government to justify it.
  
  --
  "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
14. Re:Wow... Just "no". by Anonymous Coward · 2015-01-21 02:23 · Score: 1
  
  You know, like how medical ethics totally prevented the CIA from finding doctors willing to help out with torturing people.
15. Re: Wow... Just "no". by halivar · 2015-01-21 02:25 · Score: 4, Insightful
  
  Not really, most of the ACA was recycled Republican ideas, complete with bending over for the insurance companies and using private contractors to build the web site.
  This is said repeatedly, and yet the previous administration, with a Republican house and senate, never advanced a bill for it, and not a single Republican voted for it when a bill for it finally was.
16. Re: Wow... Just "no". by ganjadude · 2015-01-21 02:31 · Score: 5, Insightful
  
  Not really, most of the ACA was recycled Republican ideas,
  People keep saying this, but its simply not true, unless you try and say that what a republican said was ok for the state to do is also ok for the fed to do, which is exactly the opposite of the truth. to some people, the 10th amendment still matters
  
  --
  have you seen my sig? there are many others like it but none that are the same
17. Re:Wow... Just "no". by ganjadude · 2015-01-21 02:32 · Score: 2
  
  per violation. 1.5 million bucks times however many people are signed up through the website.
  
  --
  have you seen my sig? there are many others like it but none that are the same
18. Re:Wow... Just "no". by ganjadude · 2015-01-21 02:33 · Score: 2
  
  frankly it doesnt matter WHAT they do with the data, HIPPA says they cant share any of it
  
  --
  have you seen my sig? there are many others like it but none that are the same
19. Re: Wow... Just "no". by ganjadude · 2015-01-21 02:37 · Score: 1
  
  I mean by that same logic, I think that its perfectly fine to share my money with my friends. That does not mean that I said its ok to share my money with everyone else.
  
  --
  have you seen my sig? there are many others like it but none that are the same
20. Re: Wow... Just "no". by g0bshiTe · 2015-01-21 02:38 · Score: 1, Troll
  
  That doesn't matter to the agenda, it was a Republican idea and we had to do something.
  
  --
  I am Bennett Haselton! I am Bennett Haselton!
21. Re:Wow... Just "no". by Chris+Mattern · 2015-01-21 02:56 · Score: 1
  
  i think it actually might be violating HIPAA
  Nope. Because they're not covered by HIPAA. Only "covered entities" have to comply with HIPAA privacy regulations and, guess what? The government is not a covered entity.
22. Re:Wow... Just "no". by nofx911 · 2015-01-21 02:57 · Score: 1
  
  The government is not evening getting paid for the paid for the personal information! They are giving it away for free due to sloppy coding, such as using GET for form posting which leaks all of the fieldname/value pairs to the third party sites via the referrer header.
  Then again, there could be some side deal, but from everything else that has happened with the Healthcare.gov website I think that it was just really poor design.
23. Re:Wow... Just "no". by The+Fifth+Man · 2015-01-21 03:11 · Score: 3, Informative
  
  "only "covered entities" have to comply with HIPAA privacy regulations and, guess what? The government is not a covered entity."
  Hi, HIPAA guy here. This is most assuredly incorrect. Popular misconception though.
  Per HHS' own rules, the site operates as a Business Associate and is fully covered by HIPAA.
  http://www.hhs.gov/ocr/privacy...
24. Re:Wow... Just "no". by fortfive · 2015-01-21 03:19 · Score: 1
  
  IANAHipaa expert, but I would guess that since it is only providing anonymous info, it does not fall under hippo restrictions. That doesn't make it right, or even ethical, but it's probably not illegal.
  Also, I don't think people can go to jail for HIPAA violations.
25. Re:Wow... Just "no". by Ksevio · 2015-01-21 03:21 · Score: 1
  
  Despite its name, healthcare.gov does not handle medical data so it can't violate HIPAA laws.
  
  Still, it should not be doing it.
26. Re: Wow... Just "no". by GrumpySteen · 2015-01-21 03:22 · Score: 1
  
  This is said repeatedly, and yet the previous administration, with a Republican house and senate, never advanced a bill for it
  http://www.gpo.gov/fdsys/pkg/B...
  No, the previous administration didn't introduce the bill. It was introduced back in 1993 by a group of about 20 Republican sponsors. It didn't get enough traction to go anywhere.
  There are a lot of similarities between the ACA and HEART, but there are differences too.
  http://www.politifact.com/pund...
27. Re: Wow... Just "no". by ganjadude · 2015-01-21 03:32 · Score: 2
  
  no republicans have ever tried to push a bill like that on the entire country. 10th amendment
  
  --
  have you seen my sig? there are many others like it but none that are the same
28. Re: Wow... Just "no". by Anonymous Coward · 2015-01-21 03:32 · Score: 2
  
  Page one of the Democrat playbook: Blame the Republicans, no matter what!!!!
29. Re:Wow... Just "no". by queequeg1 · 2015-01-21 03:33 · Score: 1
  
  Anonymizing protected health information (while still retaining value for person-specific marketing purposes) can be difficult (if not impossible). Here's a link to an article that talks about the kind of identifiers that would have to be scrubbed.
  http://www.hhs.gov/ocr/privacy...
  Scroll down to the table that describes the "safe harbor" method of deidentifying data.
  Age is a problem. Additionally, if a person's identity can be as easily determined using other readily accessible information (as the summary seems to say), you also have a problem.
30. Re: Wow... Just "no". by halivar · 2015-01-21 04:05 · Score: 1
  
  There's a natural tension in conservative thought between "I don't want to pay for someone else's bills" and "I don't want the government to force people to buy something they maybe can't afford." In the debate over ACA, these two modes of thought are mutually exclusive, and a lot of republicans had to decide which was more important.
31. Re:Wow... Just "no". by g0bshiTe · 2015-01-21 04:25 · Score: 1
  
  It's adorable that you have so much faith in the government that they wouldn't sell that data outright or you know allow it for some type of kickback.
  
  --
  I am Bennett Haselton! I am Bennett Haselton!
32. Re: Wow... Just "no". by njnnja · 2015-01-21 04:40 · Score: 3, Insightful
  
  I don't think the U.S. can afford all the health care Americans want
  All discussions of the health care system needs to start and end with agreement on this quote, if nothing else. Of course we can't afford all the health care that we want; we also can't afford all of the iPhones that we want, or education, or anything, really. Economics is the study of how we allocate finite resources to try to satisfy infinite wants, and nowhere is that more stark than with health care.
  
  Whether the method for allocating those finite resources is a price system, a queueing system, a random drawing, or otherwise, there are always trade-offs. The problem with health care is that nobody wants to acknowledge that some trade-off will be required. If you only use prices, then the poor won't get as much care as the rich. If you only use queues, then everybody will suffer with ailments during the wait. So we have this phenomenally complex system that tries to pretend that there are no limits to our medical resources, because while we are generally OK with the fact that rich people can have the latest iphone while others make do with generic android, or that you wait in line to get a table at your favorite restaurant, we are apparently not OK with hearing that someone doesn't get exactly the health care that they want when they want it because they don't have enough money, or other people with the same problem have booked the doctor's time for weeks.
  
  Once we are honest about who we are willing to deny care to, then we can have a productive conversation about health care. Everyone can say "This is how I think care should be allocated" and we would create a system that allocates resources according to the wishes of the people, as expressed by their elected representatives. But instead we create layer upon layer of employer backed insurance, and government backed insurance, with some private delivery, but some public delivery, so that nobody can understand it. So now people's positions on health care reform are mere reflections of mood affiliation rather than of what they actually want out of the system.
33. Re:Wow... Just "no". by jakimfett · 2015-01-21 04:41 · Score: 1
  
  Suggestion: Everyone go report this as a HIPAA violation.
  
  --
  Bits of code, random ramblings: jakimfett.com
34. Re: Wow... Just "no". by dAzED1 · 2015-01-21 04:41 · Score: 1
  
  ::blink:: wait, what? Something inside me wants to know how you interpret Art1, Sect8, Clause12...just for giggles.
35. Re:Wow... Just "no". by dAzED1 · 2015-01-21 04:49 · Score: 1
  
  to be fair, this was only really clear starting with Omnibus - prior to that, HIPAA relied a lot on common sense and a personal sense of ethics from the reader. Fortunately, the semi-retroactive nature of it to 2009, plus Omnibus being released 9 months prior to healthcare.gov, means that yes - the government faces stiff penalties of paying itself money (amount=irrelevant, since paying self) and the BAs made $1.7BILLION for making a farking WEBSITE for fark's sake, so I don't think the 1.5M max fine will really cramp their style much.
36. Re:Wow... Just "no". by BarbaraHudson · 2015-01-21 05:01 · Score: 1
  
  It's not a question of faith in the government so much as wanting to see some substance instead of if rumor and speculation.
  
  --
  "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
37. Re:Wow... Just "no". by Holi · 2015-01-21 05:47 · Score: 1
  
  Except Healthcare.gov doesn't actually handle any medical information. It's a website for purchasing a health plan, not for getting actual health care. No medical information no HIPPA violation. Still a really shitty thing, but probably not illegal.
  
  --
  Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
38. Re:Wow... Just "no". by queequeg1 · 2015-01-21 06:12 · Score: 1
  
  The article states that information shared could include pregnancy status (clearly protected health information) and smoking status (most likely PHI).
39. Re:Wow... Just "no". by JohnFen · 2015-01-21 06:47 · Score: 1
  
  There is zero evidence that this data is being used for advertising purposes - the article makes a lot of speculation. For example:
  I disagree. The evidence is that the data is being sent to them. Nothing more needs to be proven. There is no -- as in zero -- legitimate reason for the site to be doing this. All performance analysis they need can be done in-house.
  
  For example, IBM does both - but they also do pretty good data analysis. Would you rather it goes to some 3rd-world country for analysis (because you can be pretty sure it will be sold)?
  I honestly don't see any difference between the two scenarios. I have no reason to think that domestic ad companies are any more trustworthy than 3rd world country companies (and I have several reasons to think that they're not). I'm pretty sure it will be sold either way.
40. Re:Wow... Just "no". by codewarren · 2015-01-21 06:51 · Score: 1
  
  Bullshit. The fact that the information gets sent at all is prima facie evidence that it's being abused. The burden of proof is on the government to justify it.
  Bullshit, the fact that you were arrested by police and prosecuted by the DA is prima facie evidence that you are not innocent. The burden of proof is on you to justify yourself.
  You can't change what "evidence" means because it suits your ideological goals.
41. Re:Wow... Just "no". by Ksevio · 2015-01-21 06:52 · Score: 1
  
  But just because something is medically related, doesn't mean it's protected by HIPAA. Target knowing a customer is pregnant isn't required to protect that information. For healthcare.gov, this article states it does not need to comply.
42. Re:Wow... Just "no". by Ksevio · 2015-01-21 06:54 · Score: 1
  
  http://www.crn.com/news/channe...
43. Re: Wow... Just "no". by Curunir_wolf · 2015-01-21 07:02 · Score: 2
  
  ::blink:: wait, what? Something inside me wants to know how you interpret Art1, Sect8, Clause12...just for giggles.
  To raise and support Armies, but no Appropriation of Money to that Use shall be for a longer Term than two Years;
  WTF does that have to do with Obamacare?
  
  --
  "Somebody has to do something. It's just incredibly pathetic it has to be us."
  --- Jerry Garcia
44. Re: Wow... Just "no". by AK+Marc · 2015-01-21 07:03 · Score: 1
  
  They learned it from the Republicans.
  
  --
  Learn to love Alaska
45. Re:Wow... Just "no". by AK+Marc · 2015-01-21 07:14 · Score: 1
  
  The information shared is "personal information" not "medical information", though status as a smoker or pregnant could fall under both. HIPAA doesn't apply to the government anyway. And, unless it's changed since the last time I looked, the "p" had been enforced, but never the "a". People have been fined for not releasing information, but never fined for releasing too much to the wrong people. The real point of the law was that doctors would hold prescriptions and diagnoses hostage, demanding extortion fees to release them, of failing to release them to demand followups go through the same doctor. Yes, when fixing that, they added in a little bit on privacy, but the portability was the main point, and the *only* portion that's ever been enforced. The "accountability" portion has never been enforced.
  
  Again, last I looked. They may have finally fined someone for a privacy breach, but I doubt it.
  
  HIPAA was created to empower the patient in choice of doctor and treatment, not increase privacy (privacy is bad, as it leads to abortions). And that's exactly how it's been enforced.
  
  Thankfully, the public is dumb as rocks, and I got paid big bucks to tell doctors "that's not required by HIPAA, but if you don't trust my legal opinion, but trust my technical skills, I'll be happy to do the superfluous work for $250/hr." They were lining up, for a few years. Scared of a law they didn't understand, even when it explicitly says "this should not be construed to mean that encryption is required", which I had highlighted in all my printouts of the law I carried with me. Funny how even the wording of the law can't change a closed mind.
  
  --
  Learn to love Alaska
46. Re:Wow... Just "no". by mrchaotica · 2015-01-21 07:19 · Score: 1
  
  Your argument fails because it assumes that individuals and government are somehow equivalent. They are not. In fact, quite the opposite: the burden of proof lies always lies with the government precisely because it is a government, and not an individual!
  People are always innocent until proven guilty.
  Government is always guilty until proven innocent.
  
  --
  "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
47. Re:Wow... Just "no". by budgenator · 2015-01-21 07:42 · Score: 1
  
  IANAL but I think that pesky coma between "violation" and "with an annual maximum of $1.5 million" stops the per violation part and start the annual maximum part without regard to the number of violations.
  
  --
  Apocalypse Cancelled, Sorry, No Ticket Refunds
48. Re:Wow... Just "no". by The+Fifth+Man · 2015-01-21 07:43 · Score: 1
  
  Check Section 164.514(b)(2)(i) for the identifiers. Remember, IIHI is literally defined as a "subset" of PHI (see Section 160.103). That means disclosing, say, a name alone is a breach of HIPAA in a healthcare context (and shopping for medical insurance is, and it is very much covered by HIPAA).
  Data doesn't need to be medical in nature, it needs to be related to healthcare. Your personal data qualifies in this context, I can absolutely assure you.
49. Re:Wow... Just "no". by codewarren · 2015-01-21 07:47 · Score: 1
  
  No, my argument is that you cannot change the meaning of evidence. Police may stop you because of evidence, but police stopping you is not evidence.
  You are correct that the analogy doesn't run through, but it doesn't need to. It does show that "evidence" has a meaning that the GP tried to subvert to make an ideological point.
  If I had argued that the government doesn't need to show you shit, then you'd be right, but I'd never argue that. The government should demonstrate that such action is being prevented.
  However, that STILL doesn't mean that this is "evidence of abuse" it is "evidence of sending". If it did mean that, then actual "evidence of abuse" would lose its meaning.
50. Re:Wow... Just "no". by The+Fifth+Man · 2015-01-21 07:50 · Score: 1
  
  That may be, but by the very black and white wording of the law itself, the site is acting in a business associate capacity on behalf of health insurance companies.
  Despite what is being reported -- "HHS says it isn't covered uhcuz it doesn't wanna be" -- it is, indeed, covered by HIPAA.
  I have been quoting section references to you in an earlier reply but it might be better if you read a summary:
  http://www.hhs.gov/ocr/privacy...
  The problem for the website is that by HHS definitions, it is handling PHI (remember Section. 160.103 here) and is acting in a business associate capacity (this is also, coincidentally, covered at Section 160.103) and is therefore covered by HIPAA, period, over and done.
  As for what happens when they pull the "well, we don't feel like it" card at HHS, I have no idea.
51. Re: Wow... Just "no". by Locando · 2015-01-21 07:54 · Score: 1
  
  They're talking about the Heritage Foundation's 1989 proposal, later supported by Orrin Hatch in 1993, revised again in 1994.
  Also available at less truthy sources in more detail.
52. Re:Wow... Just "no". by The+Fifth+Man · 2015-01-21 07:55 · Score: 1
  
  See my earlier comments, but this is most definitely false.
  The issue is that HHS boxed themselves in by the way they defined business associates and medical information. This is not a case of "HIPAA only applies to providers like hospitals" (which was the case prior to 2009). Giving even a name to an insurance company after facilitating shopping for medical insurance qualifies the entity or party as a business associate, and that data -- even though it's not "I have a cold" or whatever -- is still legally defined as medical data. (See section 160.103 for more on this.)
  HIPAA absolutely, 100% applies. As I point out elsewhere, the issue is what happens when HHS says "well, we wrote it for the little people, not for US."
53. Re: Wow... Just "no". by anagama · 2015-01-21 07:59 · Score: 2
  
  Are you referring to Obamacare and suggesting that no Republican ever tried to foist it on the whole country?
  http://en.wikipedia.org/wiki/R...
  (yes, he was a republican)
  http://www.salon.com/2013/10/2...
  Nixon never really got anywhere with it though -- he had to resign the office. BUT, republicans have wanted to foist this forced subsidization of the private insurance companies crap on us for decades. Now they got it thanks to our Demoplicans.
  
  --
  What changed under Obama? Nothing Good
54. Re:Wow... Just "no". by The+Fifth+Man · 2015-01-21 08:08 · Score: 2
  
  Nearly everything you've stated is false and contradicts the plain wording of the statute. You're actually giving out "legal opinions"?
  >The information shared is "personal information" not "medical information"
  Please review the elements of IIHI at Section 164.514(b)(2)(i) and that IIHI is a subset of PHI at Section 160.103(1) and (2).
  > HIPAA doesn't apply to the government anyway
  Then why does IHS have to comply? Why does the NIH bother with it at all when they interface with non-government organizations?
  >And, unless it's changed since the last time I looked, the "p" had been enforced, but never the "a"
  Portability and not accountability? You haven't even looked at the enforcement actions taken by the OCR, then.
  > People have been fined for not releasing information, but never fined for releasing too much to the wrong people.
  You literally don't know what you're talking about. I'm honestly terrified for your clients (if you actually have any).
  > even when it explicitly says "this should not be construed to mean that encryption is required"
  The law doesn't say that, nor anything even remotely close, and you have drastically misunderstood the addressability standard, and furthermore, see Section 164.312, Technical safeguards which will rest assured contradict what you've said.
  If you ever really had clients, you did them not only a disservice, you've left yourself open to have your ass sued off (and I'm not even talking about HIPAA at that point, but gross negligence.)
55. Re: Wow... Just "no". by radarskiy · 2015-01-21 08:44 · Score: 1
  
  "the previous administration, with a Republican house and senate, never advanced a bill for it"
  The Republican plan was older than that. See Health Equity and Access Reform Today Act of 1993 and Consumer Choice Health Security Act of 1994.
56. Re: Wow... Just "no". by Coren22 · 2015-01-21 08:47 · Score: 1
  
  What is the limiting factor though? Should we build more medical facilities? Maybe offer more public money to fund more doctors? Clean up the medical patent system? Maybe loosen rules on "medical devices"?
  Just trying to make the system work with what we have is silly, lets fix the problems instead.
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
57. Re:Wow... Just "no". by queequeg1 · 2015-01-21 08:49 · Score: 1
  
  Additionally, doesn't appear that HHS has definitively said it is not covered by HIPAA. The article Ksevio linked to is specific to covered entity liability under HIPAA. It mentions nothing about the potential for healthcare.gov to be a business associate (presumably of the various insurance companies it works with).
  There are a couple of ways to be classified as a business associate, the pertinent way in this case being the creation, reception, maintenance, or transmission of PHI on behalf of a covered entity for "a regulated function or activity."
  Healthcare.gov is clearly creating and transmitting PHI to insurance companies (which are covered entities). However, HHS has not clarified whether it considers health insurance portals to be performing a regulated âoefunction or activityâ for insurance companies.
58. Re:Wow... Just "no". by BarbaraHudson · 2015-01-21 09:03 · Score: 1
  
  I'm very skeptical about any article that makes basic mistakes:
  
  Google, thanks to real name policies, certainly has information uniquely identifying someone using Google services.
  Google 's real name policy is dead.
  And Facebook also had to back down when a single vigilante used it to harass people.
  
  --
  "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
59. Re:Wow... Just "no". by BarbaraHudson · 2015-01-21 09:06 · Score: 1
  
  All performance analysis they need can be done in-house.
  Obviously history disagrees with you - they couldn't even keep the site running properly for how long again ??? I'd look at the companies involved at implementing the site taking this as a cheap and easy way to do analytics (and maybe a few back-room deals as well) rather than a policy of the government.
  
  --
  "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
60. Re: Wow... Just "no". by ganjadude · 2015-01-21 09:25 · Score: 1
  
  oh, so they are talking about things that happened when I was 4 years old, written by a group that im my eyes is the equivalent of moveon.org for the right.
  
  while I do have to stand corrected, I also find it a little off base to say that republicans 30 years ago did X, therefore republicans today like X. By that logic, the democrats are still KKK members today right? since they invented it right??
  
  --
  have you seen my sig? there are many others like it but none that are the same
61. Re:Wow... Just "no". by AK+Marc · 2015-01-21 09:39 · Score: 1
  
  Nearly everything you've stated is false and contradicts the plain wording of the statute.
  How many fines have been given out for not releasing information
  
  How many have been given out for releasing too much information to the wrong people?
  
  Those two questions answer the question of what it was for and how it was used.
  
  --
  Learn to love Alaska
62. Re: Wow... Just "no". by phrackthat · 2015-01-21 09:57 · Score: 1
  
  Not really, most of the ACA was recycled Republican ideas . . .
  So, it's a Republican idea if a guy who is a complete leftist and just wears the name "Republican" happens to propose it and it is shot down by the Republican party? (Sen. John Chafee was the leader on the bill - just to show how conservative he was, he also wrote a bill to ban the manufacture or sale of handguns and/or ammunition, and was pro-abortion and pro-homosexual rights back in the 90's when it wasn't trendy, etc. On social issues, Chafee was amongst the most leftist in the Senate - Democrats included.) In 1993, he joined with Democratic Louisiana Senator John Breaux to form the Senate Mainstream Coalition, a coalition of six Democratic and six Republican Senators seeking bipartisan consensus on health reform
  The bill Chafee authored was not even brought up for a vote because the rest of the GOP wanted nothing to do with it. The ACA is no more "recycled Republican ideas" than White Nationalism is "recycled Democrat ideas" because of Senator Robert Byrd's prior affiliation with the KKK.
63. Re: Wow... Just "no". by halivar · 2015-01-21 10:00 · Score: 1
  
  I dispute that being Mitt Romney's plan makes it conservative.
64. Re: Wow... Just "no". by njnnja · 2015-01-21 10:01 · Score: 1
  
  Those are all excellent points that can help us to increase the *supply* of health care (which is something that should be done no matter what is done on the allocation side). But we should not fool ourselves into thinking that we can ever make the amount of health care that could be supplied equal to the amount of health care that we want. For the former will always be finite and the latter will always be infinite (mod singularity).
  
  So even after increasing the supply with the kind of reforms you suggest, we will still have the problem of how do we allocate those resources. And if we continue to use the current Rube Goldberg contraption we will still have problems.
65. Re: Wow... Just "no". by PapayaSF · 2015-01-21 10:13 · Score: 1
  
  They're talking about the Heritage Foundation's 1989 proposal, later supported by Orrin Hatch in 1993, revised again in 1994.
  The Heritage Foundation proposal did include an individual mandate, but that's like saying your bedroom ceiling is based on the Sistine Chapel because they both are covered in paint. The Heritage proposal was for minimal, catastrophic insurance, what used to be called "major medical." That's the sort of insurance people used to be able to buy for maybe $50/month. But the ACA larded everything up with countless mandates (birth control, etc.), so that even minimal insurance is now expensive. And then, in one of many ironies, deductibles are now so high that many people avoid going to the doctor. Remember when the ACA was needed to ban "junk insurance policies," which were defined as policies with high deductibles? Down the memory hole!
  I said years ago, before this monstrosity came online, that it would not work as claimed, and in fact might never work. I believe that prediction still holds. They've stopped talking about the problems with the backend, but AFAIK they have not yet fixed them, and are still doing things manually or with estimates. It will also be interesting this tax season, when millions of people find that their tax bill is higher than they thought it would be, thanks to the ACA.
  
  --
  Q: What does the "B." in Benoit B. Mandelbrot stand for? A: Benoit B. Mandelbrot
66. Re:Wow... Just "no". by ToddInSF · 2015-01-22 05:20 · Score: 1
  
  "There essentially no controls on the medical tort industry in it."
  
  Fuck you. No, really, fuck you and everybody like you that seeks to thwart the ability of patients to sue incompetent medical people that prey on everybody.
  
  You piece of shit.
67. Re:Wow... Just "no". by JohnFen · 2015-01-22 05:22 · Score: 1
  
  I saying that it is technically feasible for a competent engineer. I'm not commenting on the contractor's ability to do it.
  The ultimate blame falls on governmental policy, not the contractors, though. It is the government who decides what the acceptance criteria are, not the people the government hires. It is the government who approves or disallows the use of third party services, not the people the government hires.
68. Re: Wow... Just "no". by dAzED1 · 2015-01-22 06:04 · Score: 1
  
  when you say something fanatical like "no republicans have ever tried to push a bill like that on the entire country" you put yourself in a group that hates helping sick people and also tends to think it's great to blow up people elsewhere (like, suffering is just great all around, I guess). You then try to use the Constitution to justify your statements - but don't really understand what is in the document at all. Such as, the Constitution directly stating there shouldn't be a standing army. The two subjects are remarkably intertwined; ACA costs a small fraction of the wars in the middle east, and at least ACA provides a /benefit/. But hey, maybe you buck the system. Maybe you don't like our middle east involvement either - maybe you're an honest "constitutionalist." Which would be great, except for the farking part that the FFs were slave owners and treated women like crap. Stop pretending one side or the other are angels without flaws, and stop pretending the Constitution was sent by G-d. Argue something on it's own merits, not based on what some long-dead slave owner thought.
69. Re: Wow... Just "no". by Curunir_wolf · 2015-01-22 06:32 · Score: 1
  
  Well, first, you're responding to the wrong person. I assumed you were trying to say something insightful about the law. Unfortunately it's just more of the same partisan drivel.
  I get there are many people happy about the ACA, and they like justifying all the bad things that have been done in the past six years with deflection about how it "Not as bad as the Iraq war", etc. Hard to argue with that, which I guess is why it's used, but of course the ACA is bad law, for many reasons, but most compelling is that the costs are far greater than the benefits. But that's what happens when the "leaders" have clearly stopped representing the people, and the only goal is power, through whatever means possible.
  You can dismiss the Constitution by looking at the founders through the lens of modern culture if you like, but frankly considering the way countries were run in the rest of the world at the time, it was a vast improvement. And it's still law. If somethings wrong with it, there are provisions for changing it. But frankly the biggest problem is that Congress puts a lot of effort into getting around it, not following it. ACA and bi-annual NDAA are no different in that regard.
  
  --
  "Somebody has to do something. It's just incredibly pathetic it has to be us."
  --- Jerry Garcia
I do not care about the ads by houghi · 2015-01-21 01:51 · Score: 4, Insightful

If they show me ads about smoking, condoms, beer or PCs is completely irrelevant.
What is relevant is that the governement is selling your data. Even if the other company would trow everything in /dev/null they should NOT do that. I do not even care if it is legal or not.
I care about the fact that they share your data.

--
Don't fight for your country, if your country does not fight for you.
Re:!OUTRAGE! by Anonymous Coward · 2015-01-21 01:59 · Score: 1

...Obama is literally Hitler.
No, Hitler had a plan. It was not a good plan, but he had, at least, an idea of what he wanted to do.
As for Obama? A deaf bat has a better sense of direction.
Wait, what PII? by Enry · 2015-01-21 02:30 · Score: 2

The example that the EFF gave listed general information about a person, but there's nothing that would directly identify the person. No SSN, no address, no name.
Yes, doubleclick and others could use that with other information they already have and determine with some probability who the person is. But that's a separate discussion on expanding what PII is or limiting what kind of data can be stored about a person, either of which I'd be in favor of.
1. Re:Wait, what PII? by JohnFen · 2015-01-21 06:52 · Score: 1
  
  It sounds like you're using the ad industry's definition of "PII". That definition is ludicrous. The bulk of information that can be used to identify me personally falls outside of the standard definition of "PII", and so the term "PII" is pretty much devoid of meaning.
2. Re:Wait, what PII? by Enry · 2015-01-21 07:09 · Score: 1
  
  Yes and no. In a practical sense you're right and I said as much in the second paragraph. As for the legal definition of PII:
  NIST Special Publication 800-122 defines PII as "any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information."
  Part 2 is pretty much met given the data that's being sent to doubleclick. But Part 1 isn't being met. This is an AND statement, so for this to be PII, both parts have to be true.
3. Re:Wait, what PII? by JohnFen · 2015-01-22 05:19 · Score: 1
  
  Yes, I understand. I'm just saying that definition of PII is a worthless definition, so it doesn't matter at all. When a company says things like they don't store or share any PII, they're saying nothing that is of any actual value to me. because the definition of PII is too narrow to be meaningful in a privacy or security sense.
Go to the website and file incorrectly by retroworks · 2015-01-21 02:37 · Score: 1

I haven't completed it, but maybe I should just to pollute the database. Is that a crime? I could say I'm tall, healthy, young Asian Latino woman? That would probably go too far, but at least this is data I can control better than the data the credit card companies dole out on my purchases. People are always thinking "invisibility" when nature prefers "camouflage".

--
Gently reply
Privacy? by MagickalMyst · 2015-01-21 02:53 · Score: 1

This is the 21st century.

--
Political correctness is really just herd psychology pushed by insecure people who desperately seek social conformity.
So could you generate millions of by Registered+Coward+v2 · 2015-01-21 03:14 · Score: 1

Random referral requests and thus pollute the collected data?

--
I'm a consultant - I convert gibberish into cash-flow.
Government web sites shouldn't do this at all by davidwr · 2015-01-21 03:19 · Score: 1

I can't think of any legitimate reason for any government agency that is providing services to the public to accept outside advertising.
If they must accept outside advertising for whatever reason, the traffic should be one-way and "blind" to the advertiser.
This means the federal government web site will need to host the ads and if they provide analytic data at all, only provide summary data, such as the number of hits in a given day or hour rounded off to a level designed to prevent teasing out additional information and if the numbers are large enough so privacy isn't an issue, the number of hits believed to come from particular states or metropolitan areas.

--
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Re: HITECH Act, not HIPAA by The+Fifth+Man · 2015-01-21 03:53 · Score: 1

Changed in 2009 with compliance date of Sept 2014, to be even more technically correct. Bottom line, though, HIPAA applies. We seem to agree on that important point. I feel like filing a complaint with HHS about HHS.
healthcare.gov is run by private companies by Revek · 2015-01-21 03:58 · Score: 2

They couldn't identify me, so experian sent me a credit application to fill out. Its really pathetic that they can't use information the government already has. Instead they rely on some private company who only cares about the bottom line. Its our governments perverse need to reduce public systems in favor of inefficient and incompetent private models. They get paid even when they do a bad job. So what you really have here is some private company using data it gathered. I would bet it was in their contract and its not even shady, its just another government sell out of its people.
Big Brother & Max Headroom all in one. by pak9rabid · 2015-01-21 04:05 · Score: 2

The ad-blocks, they do nothing!
How is this not a HIPPA violation? by dbc · 2015-01-21 04:06 · Score: 1

Serious question. HIPPA is very strict. Or so I'm given to understand, not having done a deep dive into the details. How can they do this without violating HIPPA?
1. Re:How is this not a HIPPA violation? by dAzED1 · 2015-01-21 04:31 · Score: 1
  
  they can't, but the fine has a max penalty per year, and that max would just be the fed paying itself a number at which it wouldn't blink even if it wasn't paying itself. Just because something is illegal, doesn't mean it won't happen - if the only penalty for underage drinking was you had to have sex with Scarlet Johansen, do you think that would work as much of a deterrent? We don't live in a world where society can decide it doesn't accept a certain behavior, and then just expect everyone to not do it regardless what the penalty might be
2. Re:How is this not a HIPPA violation? by JohnFen · 2015-01-21 06:55 · Score: 1
  
  IANAL, but I am generally familiar with HIPPA. This is probably not a HIPPA violation because the HIPPA rules only apply to specific sorts of businesses, and the healthcare.gov site is not one of them. For instance, I could share any medical details I had on you as much as I want without violating HIPPA laws.
Don't fear, all the tracking is SSL! by simplypeachy · 2015-01-21 04:18 · Score: 1

Visiting just the healthcare.gov web site via Firefox generates the following URL requests: http://pastebin.com/0UUbmRCf
At least all those advert and tracker sites - including those that have been helping pay for malware for over a decade - are using SSL!
Re:European privacy laws. by simplypeachy · 2015-01-21 04:19 · Score: 1

These don't work. Many UK government web sites use Google Analytics et al.
Why does the govt need ad money? by citadrianne · 2015-01-21 04:35 · Score: 1

Or is this something that should be encouraged to offset the enormous cost of the project?
Re:Custom hosts files stop this tracking by Anonymous Coward · 2015-01-21 06:04 · Score: 1

Ghostery's advertiser owned (evidon): A fox guards your henhouse http://en.wikipedia.org/wiki/G...
Re:You didn't need to be a drooling fox zombie.... by Curunir_wolf · 2015-01-21 06:52 · Score: 2

There is really no place here for the sophomoric name calling.
You must be new here...

--
"Somebody has to do something. It's just incredibly pathetic it has to be us."
--- Jerry Garcia
Good points. Also, sometimes shit happens. 2008 by raymorris · 2015-01-21 09:00 · Score: 1

> If there is a structural problem with those businesses, or their product is no longer needed (like buggy whips), I can understand letting them go under. For everything else, it is almost always who is running the business, as opposed to the business itself, which is the problem.
Good points. Also, sometimes an unusual external event is a significant factor. You build homes to withstand thunderstorms, not to withstand a record-breaking monsoon. Similarly, you build a business to withstand the threats you expect it to face, plus a bit of safety margin.
Not that I liked TARP - it was bad enough as the law was written (ie the government trading cash for non-voting stock), even worse as Obama warped it ("exercise our [the adminisitrations's] ownership and management responsibilities of these companies"). However, it was a shitty situation, with no good options. TARP might have been less bad than the other choices available.
Why are there ads? by crbowman · 2015-01-21 09:15 · Score: 1

"The information involved is typical ad-related analytic data?" Are there ads on the government run healthcare signup site? Why are there ads?
Login page scripts by LucasBC · 2015-01-21 13:03 · Score: 2

The login page at: https://www.healthcare.gov/mar... includes at least 8 third-party scripts, any of which could potentially harvest your username and password: https://stats.g.doubleclick.ne... https://www.googletagmanager.c... https://cdn.mxpnl.com/libs/mix... https://static.chartbeat.com/j... https://connect.facebook.net/e... https://platform.twitter.com/o... https://c1.rfihub.net/js/bcP.j... https://www.googleadservices.c...