

Ask Slashdot: Should You Store Medical Details In The Cloud? (caremonkey.com)

"Paper forms are a security risk", warns the web site for CareMonkey, which maintains digital and up-to-date medical information in the cloud "for any organization with a duty of care". This is raising concerns for long-time Slashdot reader rolandw, who says he's being asked by his daughter's school to approve using the site to store "her full medical details". CareMonkey say that this data is stored on AWS and their security page says that it is secured by every protocol ever claimed by AWS (apparently). As a sysadmin and developer who has used AWS extensively for non-secure information, my alarm bells are sounding.
Should he ignore those alarm bells and approve the storage of his daughter's medical history in the cloud? And if not, what specific reason would you give for refusing?

262 comments

  1. No. by Anonymous Coward · · Score: 5, Insightful

    Q: Should you store anything in the cloud?

    A: Only if you don't care if everyone in the world sees it and tries to use it against you.

    1. Re:No. by JaneTheIgnorantSlut · · Score: 1

      A: Only if you don't care if everyone in the world sees it and tries to use it against you, or if you don't care if you ever see your data again. FTFY

    2. Re:No. by ShanghaiBill · · Score: 0

      A: Only if you don't care if everyone in the world sees it and tries to use it against you.

      Why should I care if everyone sees my medical records? The only argument I have heard is that insurance companies might charge more, and employers may be reluctant to hire people with bad health. But I don't have any health problems, so if my records are public, I should get lower insurance rates and better employment offers, and potential GFs can verify that I am STD free. So it seems like a win-win for me to just store everything in the cloud, and hope it leaks. Is there some downside that I am overlooking?

    3. Re:No. by war4peace · · Score: 4, Insightful

      Yes, plenty.
      If you had alcohol-related problems in the past, companies might refuse to hire you but would give you a different reason anyway. More ominously, targeted advertisement with free coupons for this or that alcoholic beverage will find their way into your mailbox, magazine you subscribe to or local store you shop from.
      If you suffer from this or that mild disease (or have suffered in the past), targeted advertisement will slam you with related ads. Same if you're overweight or too thin (I'm thin and recently started getting targeted ads in my mailbox).
      A girl I know has pimples and started receiving targeted ads and getting calls (yes, calls!) from companies selling beauty products ("wanna get rid of them pimples") - I suspect that's caused by her uploading some personal pictures to the cloud from her phone (stored privately but hey, that doesn't stop anyone, does it).

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
    4. Re:No. by mark-t · · Score: 1, Funny

      If you had alcohol-related problems in the past...

      If you suffer from this or that mild disease (or have suffered in the past)

      if you're overweight or too thin...

      See a pattern here?

    5. Re:No. by Anonymous Coward · · Score: 0

      1) Everyone will have health problems at some point....
      2) as Insurance Companies become able to make smaller and smaller pools to discriminate from they will find a "reason" to charge you more...
      3) If an error gets into those files and you get charged more, it is somewhat likely you will not even know it is costing you more money....
      4) If an error gets into those files and you get charged more / dropped, it is very likely you will have a heck of a time fixing the error....
      5) Lots of "health factors" are BS.... BMI is scientifically discredited yet Obesity is still an "Epidemic".... Media definitions of science are a valid reason to charge more

    6. Re:No. by kqs · · Score: 2, Insightful

      A very clear pattern. If you (and all of your dependents) are in good health, physically and mentally, you don't care about sharing that data. If you are not in good health, someone will try to use that against you.

      Why, do you see another pattern?

    7. Re:No. by Anonymous Coward · · Score: 5, Insightful

      A: Only if you don't care if everyone in the world sees it and tries to use it against you.

      Why should I care if everyone sees my medical records? The only argument I have heard is that insurance companies might charge more, and employers may be reluctant to hire people with bad health. But I don't have any health problems, so if my records are public, I should get lower insurance rates and better employment offers

      Prior to 2010, I was in perfect health. Never smoked or drank. Exercised and was in excellent shape. Never sick a day in my life. Then suddenly, I was diagnosed with cancer, went through all the fun stuff associated with that, culminating in a really major surgery (~10 hours), followed by a chronic infection that I am still fighting today (and which has pretty much destroyed my life)

      My point is this: Don't get all excited about being in good health, and start making all sorts of decisions based on "I'm not sick so I have nothing to worry about", because things can change in an instant.

    8. Re:No. by CrimsonAvenger · · Score: 3, Interesting

      The only argument I have heard is that insurance companies might charge more, and employers may be reluctant to hire people with bad health.

      Note that the first is illegal under the ACA, and the second is likely either illegal or actionable under the ADA.

      --

      "I do not agree with what you say, but I will defend to the death your right to say it"
    9. Re:No. by Anonymous Coward · · Score: 0

      Agree with no. I am a physician and I don't even back up to the cloud. I have onsite backups; my servers are all virtual; there is an onsite backup, a spare at my house and a spare at my IT guy's office. Everything is a VM, encrypted and local. The internet went down in the office for 2 hours Thursday and we just kept on working. Medical data has absolutely no business in the cloud.

    10. Re:No. by Anonymous Coward · · Score: 0

      >illegal

      Right, making drugs illegal sure stopped people from abusing them!

      People have used medical data to deny jobs, to deny housing, and to charge more for insurance. People have also used medical data to impersonate others and to be more successful at phishing attacks.

      These days your medical data is in the cloud even if YOU didn't store them there. Your doctors and hospitals and other healthcare providers are virtually required to store stuff there, thanks to GW Bush and your Senators and Congresscritters. And for sure your insurance company stores your medical data there too.

      For decades, spies have also obtained medical data of politicians for nefarious purposes.

      Microsoft and Google are two of the largest hosters of medical data, btw, so don't worry.

    11. Re:No. by Crashmarik · · Score: 2

      A: Only if you don't care if everyone in the world sees it and tries to use it against you, or if you don't care if you ever see your data again.

      FTFY

      Nahh in 10 years the NSA or the KGB will be glad to sell you back a copy

      Take a look the Russians have been glad to help out with Hillary's data loss and backup problem.

    12. Re:No. by JustAnotherOldGuy · · Score: 2

      Is there some downside that I am overlooking?

      Errr, yes. Unless you're the only person in the world with your name (or a similar name) AND you don't think you have to worry about accidentally being mistaken for another patient OR you think that data entry people never make mistakes and mix up or link your records with those of someone else, then, no, have a ball!

      Of course, if your records have mistakes in them or later it's found out that you may be statistically likely to develop some expensive condition based on an analysis of your currently innocuous medical history, then you might want to rethink that whole, "I'm healthy, let 'em see my info" plan.

      And finally, being healthy is a temporary condition at best. If you do get sick and you somehow manage to remove your records from the cloud (ha ha, good luck!) the sudden disappearance of your online medical records may in itself trigger a "Whoah, what's this guy got to hide?" response by the insurance companies. But don't worry, because you're healthy (today anyway).

      --
      Just cruising through this digital world at 33 1/3 rpm...
    13. Re:No. by Gr8Apes · · Score: 1

      Why should I care if everyone sees my medical records? The only argument I have heard is that insurance companies might charge more, and employers may be reluctant to hire people with bad health. But I don't have any health problems, so if my records are public, I should get lower insurance rates and better employment offers, and potential GFs can verify that I am STD free. So it seems like a win-win for me to just store everything in the cloud, and hope it leaks. Is there some downside that I am overlooking?

      Yep, there's a whole list of them. Your father (who may not actually be your father) has diabetes and Parkinson's. You're a risk. Better go to the next one that doesn't. You have a series of qualities that make you susceptible to the next flu that breaks out. Your genetics indicate you're susceptible to one or another rare cancer, or perhaps will wind up with rheumatoid arthritis. Or perhaps they're someone else's partial records or relatives. After all, dumping all that data into the cloud ensures that no errors like that will ever happen, right? This is one of those cases where the less info on you is out there, the better.

      --
      The cesspool just got a check and balance.
    14. Re:No. by JustAnotherOldGuy · · Score: 3, Insightful

      The only argument I have heard is that insurance companies might charge more, and employers may be reluctant to hire people with bad health.

      Note that the first is illegal under the ACA, and the second is likely either illegal or actionable under the ADA.

      Yeah....if you can prove it, and I mean really, really prove it. They'll never come right out and say, "Ewww, let's not hire the sick guy!", no, it'll be that you're "unqualified" or "over-qualified" or something else. You'll never get proof of the real reason they didn't hire you.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    15. Re:No. by Gr8Apes · · Score: 2

      The only argument I have heard is that insurance companies might charge more, and employers may be reluctant to hire people with bad health.

      Note that the first is illegal under the ACA, and the second is likely either illegal or actionable under the ADA.

      Gee, there's this law back in 1967, ADEA, that was passed to make it illegal to discriminate against people 40+. Seems to have worked. Silicon Valley openly discriminates against 30+.

      --
      The cesspool just got a check and balance.
    16. Re:No. by TheGratefulNet · · Score: 4, Insightful

      you will have medical problems.

      eventually.

      we all do.

      it's a fact. and you won't admit it but it's still a fact that us older guys know.

      almost no one goes thru life 'perfect'. our medical history is OUR history and that's that. you may not think so now, but you will later.

      --
      "It is now safe to switch off your computer."
    17. Re: No. by jellomizer · · Score: 0

      Why should you care? Well, insurance companies already have your data: every charge from the doctor, your diagnosis and what procedure is given. The real issue is, even if you are healthy, if you happen to get sick, how quickly can you block the sending of info before it is too late? Say you get cancer, so your job can find a way to fire you before it becomes official. Or you get a particular issue that is common for people of particular groups, then you may get advertising based on the over-generalization of the issue.
      Even if your current employer is trustworthy, if you want to find an additional job they may block your resume just because of some odd diagnosis that may not be considered important. For example, say you have rare migraines; someone could see you as a risk because people who have severe migraines often lose a lot of work.
      If your health info has nothing to hide, then you have no real reason to store it.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    18. Re:No. by Anonymous Coward · · Score: 0

      Note that the first is illegal under the ACA, and the second is likely either illegal or actionable under the ADA.

      And those provisions of ACA are six months away from an election in which the insurance companies that bought the law will be working with either the (R)epeal party, who tried to repeal the law in favor of something egregiously in favor of the insurance companies, or the (D)ontEverGoSinglePayer party, consisting of the legislators they already purchased for the last round of reforms, in control.

      Either way, I'm damned if I'm putting my beer quota into the cloud. What's illegal to hike my rates over today may be perfectly legal to deny me coverage over every two years of the electoral cycle.

    19. Re:No. by Anonymous Coward · · Score: 0

      Ageism, sure. Then there's netism: you don't have a lame-ass facebook account? Roundfile. Dress funny? Roundfile. Tattoos? Roundfile. Credit problems? Roundfile. Arrest record? Roundfile. Self-taught? Roundfile. Etc.

    20. Re:No. by fluffernutter · · Score: 1

      I hate saying this, but THIS.

      --
      Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
    21. Re:No. by fluffernutter · · Score: 2

      Insurance is supposed to be for people who are not in good health.

      --
      Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
    22. Re:No. by anegg · · Score: 4, Insightful

      I think health insurance is for everyone, because the risk of having expensive health problems exists for just about everyone, especially if health issues due to accidents are included. This is similar to automobile insurance - everyone who drives carries insurance, not just the bad drivers. However, insurance companies of all types love to have reasons to divide people up into very small risk pools, and charge people more for insurance if they have even a casual relationship to some risk factor that indicates that they may make claims (or higher than average claims) against insurance. In the US, auto insurance companies are using things like people's credit score to determine how much to charge them for automobile insurance, on the basis of a belief that people with certain ranges of credit scores are more likely to be involved in accidents, apparently.

      For health insurance, the risk of the health companies getting access to too much data about individuals is that they will start charging individuals for insurance according to their perception of the risk of insuring those individuals. Even if they could correctly screen people into various risk categories, this would be detrimental to the overall way insurance works in general - a large pool of people are charged for insurance based on the average risk in the pool. Everyone pays a more or less affordable rate, and when the risks materialize as claims, those claims get paid off, but the insurance company doesn't have to pay out more than they took in (if they did, they would go out of business).

      If only sick/unhealthy people get health insurance, then the cost of that insurance has to be high, because they will have a higher rate of claims. Those who are fortunate enough to have great health might forego insurance, but on average most people expect to have some issue or other that might require insurance coverage, so on average most people will want insurance. So more people get insurance, and the average cost of insurance goes down because the average claims rate across the larger pool is lower.

      The higher the certainty of people making claims, the less of a solution "insurance" is - insurance is intended to spread risk among a large pool. It seems to be very hard to get people to understand that on average, people cannot expect to get more out of an insurance plan than what they pay into the plan. If that were so, the insurance company would go out of business. As much as people may dislike insurance companies (and many insurance companies have earned the dislike/hatred of their customers), they provide a substantial social benefit when they perform their basic risk management function.

    23. Re:No. by ShanghaiBill · · Score: 1

      Insurance is supposed to be for people who are not in good health.

      Is car insurance for people that have already wrecked their car?

    24. Re:No. by Anonymous Coward · · Score: 0

      Gee, there's this law back in 1967, ADEA, that was passed to make it illegal to discriminate against people 40+. Seems to have worked. Silicon Valley openly discriminates against 30+.

      It's not your age... you are just not a good fit for the company culture.

    25. Re:No. by penix1 · · Score: 2

      If only sick/unhealthy people get health insurance, then the cost of that insurance has to be high, because they will have a higher rate of claims. Those who are fortunate enough to have great health might forego insurance, but on average most people expect to have some issue or other that might require insurance coverage, so on average most people will want insurance. So more people get insurance, and the average cost of insurance goes down because the average claims rate across the larger pool is lower.

      The higher the certainty of people making claims, the less of a solution "insurance" is - insurance is intended to spread risk among a large pool. It seems to be very hard to get people to understand that on average, people cannot expect to get more out of an insurance plan than what they pay into the plan. If that were so, the insurance company would go out of business. As much as people may dislike insurance companies (and many insurance companies have earned the dislike/hatred of their customers), they provide a substantial social benefit when they perform their basic risk management function.

      You forgot to mention that insurance is also designed to not be used, with out-of-pocket expenses, high deductibles, yearly maximum benefits and co-pays that make it unsuitable even for yearly doctor visits. Add in the high cost of medications and, God forbid, an ambulance ride to the hospital for an extended stay, and you still have the threat of bankruptcy.

      --
      This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
    26. Re:No. by Livius · · Score: 1

      It's trickier because health is also a function of age, so everyone's health is constantly changing.

    27. Re:No. by inode_buddha · · Score: 1

      My local hospitals offer DVDs of one's colonoscopy upon completion of said procedure. I suppose the cloud is a good place to store that.

      --
      C|N>K
    28. Re:No. by Anonymous Coward · · Score: 0

      Nobody does phone patches anymore, I haven't heard a V/U/HF patch in a decade. DTMF calls on repeaters don't exist anymore either. Old, old technology.

    29. Re:No. by Anonymous Coward · · Score: 0

      why should I care if everyone sees my medical records? The only argument I have heard is that insurance companies might charge more, and employers may be reluctant to hire people with bad health. But I don't have any health problems, so if my records are public, I should get lower insurance rates and better employment offers, and potential GFs can verify that I am STD free. So it seems like a win-win for me to just store everything in the cloud, and hope it leaks. Is there some downside that I am overlooking?

      Are you really asking why only you, ShanghaiBill, should care about patient privacy?
      I'm not going to answer your question because I don't give a shit about ShanghaiBill's life.
      ShanghaiBill is not the only person in this country, and the laws weren't written to protect the people who don't need protection.

    30. Re:No. by Anonymous Coward · · Score: 0

      Gee, there's this law back in 1967, ADEA, that was passed to make it illegal to discriminate against people 40+. Seems to have worked. Silicon Valley openly discriminates against 30+.

      It's not your age... you are just not a good fit for the company culture.

      Yessir, don't believe in slave labor. FYVM.

    31. Re:No. by Gadget_Guy · · Score: 1

      But I don't have any health problems...

      As medical records get more comprehensive, they will show your genetic predispositions based on DNA tests. You could be discriminated against based on potential maladies that you may never even contract. It doesn't matter if you're completely healthy until the day you get hit by a bus, you might still be deemed a potential risk and therefore not get lower insurance or better employment offers.

      And even if that wasn't the case, how short-sighted do you have to be to think that you will be as healthy as you are now forever?

    32. Re:No. by tlambert · · Score: 1

      OK you already answered, Just Fucking No.

    33. Re:No. by tlambert · · Score: 1

      I had them burn a DVD of my MRI. 1996. So your shit has been out there forever.

    34. Re:No. by tlambert · · Score: 1

      I would like to know if you have a c21 ch53. So if I can tell whether you will have cancer or not. And then discriminate against you, So as to be an ass. You know, just because I can knowledgeably say you have a 73% chance of getting cancer. Because I happen to know that.

    35. Re:No. by tlambert · · Score: 1

      OK. Very amused.

    36. Re:No. by tlambert · · Score: 1

      OK, self taught: roundfile.

    37. Re:No. by nbauman · · Score: 1

      Here's an example. Suppose you smoke marijuana at some point. Your doctor asks you about that and mentions it on your medical record, because it's clearly health-related, significant and part of a good medical history.

      20 years later, you have knee surgery and you're left with severe, intractable pain. The only thing that controls it is opioid drugs. Your doctor looks at your medical record and sees that you have a history of marijuana use. There are "risk scales" that define that as "drug abuse" (for example, the opioid guidelines of the Texas Medical Society). So instead of simply treating your pain with enough opioids to control the pain, your doctor makes you sign a "pain contract" which requires you to take regular drug tests, and has the provision that he can abandon you and expel you from his practice if you fail a drug test or violate any of the other provisions in the pain contract. Instead of controlling your pain down to 2 on a scale of 10, he only controls it down to 5 or 6 on a scale of 10, and leaves you to suffer in pain. These are the actual provisions of "pain contracts," and a history of marijuana use in your medical record can cause a doctor to define you as a drug abuser, and make it difficult or impossible for you to get drugs to control your pain.

      http://journalofethics.ama-ass...
      Veterans Health Administration Policy on Cannabis as an Adjunct to Pain Treatment with Opiates
      Michael Krawitz
      AMA Journal of Ethics.
      June 2015, 17(6):558-561.

      http://www.nytimes.com/2016/03...
      Patients in Pain, and a Doctor Who Must Limit Drugs
      By JAN HOFFMAN
      New York Times
      MARCH 16, 2016

      Your medical record contains information about all kinds of aspects of your personal life.

      For example, a good medical history would include information about your sexual practices. In some states, normal teenage sexual behavior would be a felony, and some anti-abortion prosecutors have subpoenaed medical records of teenage girls who got abortions, and women who had late-term abortions, in order to find somebody to prosecute. http://www.slate.com/articles/...

    38. Re:No. by LesFerg · · Score: 1

      Insurance is supposed to be for people who are not in good health.

      If that was supposed to be funny I missed it. Insurance is about taking money from as many people as possible, whilst paying back out as little as possible. Where do unhealthy people fit into that? Oh, on that side of the accounting columns. Take your sick ass and leave friend, before you start thinking about making a claim. Don't care if you been paying us for 15 years without claiming nothin, you sick now.

      Over reacting?

      --
      If I had a DeLorean... I would probably only drive it from time to time.
    39. Re:No. by Anonymous Coward · · Score: 0

      Just SAY NO to storing ANYTHING in the "cloud"! There is and cannot be any security where you have no control. When you store any data in the "cloud" you have no control no matter what anyone tells you. The so called "cloud" is just someone else's computer, which you have no control over.

    40. Re: No. by Anonymous Coward · · Score: 0

      Yes, when there's enough detailed information about your body, especially if it is so healthy, as you claimed to be, there is a chance somebody might decide to steal your body (or just a tiny part of it) for spares.

      Don't forget that Steve Jobs changed his home address registration in order to hack the transplant program and waited for the rainy days for the guys with the motor bikes, and he was proud of hacking the system, getting the needed liver transplant ahead of all in the waiting list in California.

    41. Re: No. by Anonymous Coward · · Score: 0

      Hello?! What did you smoke? Do you have control over the computers of your bank, where all your savings are? Even if you happen to be a boring banking sysadmin, there's a fair chance you do not administer the 'computer' with the social security IDs...

      Get real, we have trusted things we do not understand and do not have control over for centuries. The key is what happens when that trust gets compromised. That's the whole difference...

    42. Re:No. by sir1963nz · · Score: 1

      only so long as they add a sound track to it for the MPAA... Crystal Gayle's "Don'tcha make my brown eyes blue" would be appropriate

    43. Re:No. by war4peace · · Score: 1

      There's no such thing as perfect health.
      If you're in such perfect health, the government will snatch you one night and experiment on you :)

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
    44. Re: No. by cyber-vandal · · Score: 1

      There is an obesity epidemic. Acting like it isn't just because BMI doesn't work for olympic powerlifters is the usual action of people in denial.

    45. Re:No. by Anonymous Coward · · Score: 0

      That you have /ever/ heard? You speak from a position of gross ignorance, then.

      You believe you have no KNOWN health problems YET.

      This firstly means you haven't had much in the way of genetic screening, which itself puts you in a higher risk category. Results coming back as higher risk of NOTHING? Nope, implausible.

      Or perhaps you are in denial about some condition, and refusing to see the doctor about it - you seem quite old, by your Slashdot posts, which means it's really unlikely that you have NOTHING wrong with you.

      And, oh my, you are being tested very often for STDs - what high risk behaviour are you engaging in? Red flag right there.

      Oooh, right, you want me to interpret your results how YOU would interpret them, rather than how my analysis software would categorise you. Sorry, outlier, you don't understand how big data works :(.

    46. Re:No. by Anonymous Coward · · Score: 0

      If people pay insurance premiums according to their risk of making claims, then insurance is performing its basic function of risk-sharing. If everyone pays the same premiums, insurance is performing some weird hybrid of risk-sharing and wealth redistribution.

      It's unfair for a hypercommuter driving for four hours each day to pay the same car insurance rate as a little old lady who drives to church every other Sunday. It's likewise unfair for an elderly person with a heart condition to pay the same health insurance rate as a healthy child.

      It can be argued that the government should make sure that people are not disadvantaged for having certain health risks that would, in a fair system, increase the cost of their health insurance. (For example, maybe congenital heart problems and living in high-crime neighbourhoods, but not smoking or playing extreme sports?) But this is not insurance, and should not be characterised as such.

    47. Re: No. by Anonymous Coward · · Score: 0

      Is that why Rackspace job interviews ask which is your favorite Pokemon?

    48. Re: No. by Anonymous Coward · · Score: 0

      That's one way of looking at insurance. It's the wrong way, one that insurers would like you to believe, but wrong in that it's at odds with the concept of insurance though totally in line with excessive corporate greed. Of course your use of the libertarian talking point term 'wealth redistribution' tells me all I need to know about your outlook on things.

      The other way to look at insurance is that it should be in large pools of people to spread out risk. Your way is dividing people into ever smaller groups, often with no scientific basis for doing so, for the purpose of charging them more. That's also consistent with the libertarian 'I've got mine so fuck you' philosophy of life.

      So you're in risk pool A for car insurance. Risk pool A says (secretly from you of course) that X number of drivers are going to have $Y in payable claims in a year. The pool is charged accordingly. Now you're one of the X people that year. Let's say their model is right overall. They're STILL going to charge you more even though your rate was right the first time and they'll put you in some other pool made up of other BS statistics because despite their model having been right overall, you don't know that, nobody audits or enforces it, and for smaller non catastrophic claims your increase will cover the cost of the claim that you paid them to take on the risk for.

      That's not insurance, that's extortion, and it's actually what's 'not fair', not the notion that you libertarian special snowflakes might actually contribute to some pool of money that just might benefit someone else somehow without your express written consent and case by case approval that you'd never give because selfishness is all that matters.

    49. Re:No. by inode_buddha · · Score: 1

      .... that is the BEST idea I have heard so far this year! Bravo! Somebody mod this guy up!

      --
      C|N>K
    50. Re:No. by Anonymous Coward · · Score: 0

      Hope you get over that infection very soon and get to enjoy life again.

      True what you say about health being precarious.
      In fact, life is precarious.

    51. Re:No. by bigdavex · · Score: 1

      I think health insurance is for everyone, because the risk of having expensive health problems exists for just about everyone, especially if health issues due to accidents are included. This is similar to automobile insurance - everyone who drives carries insurance, not just the bad drivers.

      Health insurance is not at all like the required automobile insurance. Everyone is required to buy liability insurance for their car. Everyone must insure against the damage he does with the vehicle, not damage done to the vehicle. So the equivalent of the required automobile insurance is personal liability insurance, which is not required.

      The justification for the health insurance mandate is that society isn't willing to let the uninsured die. Society is willing to let the uninsured go carless.

      --
      -Dave
    52. Re:No. by Anonymous Coward · · Score: 0

      It sounds like you have first-hand experience with ambulance services. I live a little over a mile from my local hospital. Last time I took an ambulance to get there I received a bill for $550. Just for the ambulance ride. If it was less than $20, I would consider paying it. However, given the absurd amount they were asking for I tossed the bill in the trash can with a clear conscience. Now what happens when you don't pay an ambulance bill? Absolutely nothing. They stop sending bills to you after a while.

    53. Re:No. by apraetor · · Score: 1

      No, insurance is for people in all kinds of health to cover the risk of illness or injury.

    54. Re:No. by JohnFen · · Score: 1

      Modern health insurance is essentially worthless. If you are insured and suffer a major medical problem, you're still going to be ruined.

    55. Re:No. by JohnFen · · Score: 1

      The justification for the health insurance mandate is that society isn't willing to let the uninsured die.

      Instead, society is willing to ensure that lots of Americans will remain in legally enforced poverty.

    56. Re:No. by JohnFen · · Score: 1

      Note that the first is illegal under the ACA, and the second is likely either illegal or actionable under the ADA.

      Yeah, so what? Lots of things that are commonly done (particularly by big businesses) are illegal. That doesn't mean they won't do them, and it doesn't mean you have any real recourse when they do.

    57. Re: No. by Anonymous Coward · · Score: 0

      Post a link here then? What's your real name and address?

    58. Re:No. by bmo · · Score: 1

      Nobody does phone patches anymore,

      Funny, my neighbor does.

      --
      BMO

    59. Re: No. by jmcvetta · · Score: 1

      That's a feature, not a bug!

    60. Re: No. by Anonymous Coward · · Score: 0

      Aww, so cute... you believe Duh Law is there to protect commoners. Did you send your Christmas list to Santa Claus yet?

    61. Re: No. by Gonoff · · Score: 1

      There may well be an obesity "epidemic" but until they start to classify an adult with a BMI of 18 as "morbidly thin", I will not see some identifications of "morbidly obese" as anything other than a fashion statement.

      --
      I'll see your Constitution and raise you a Queen.
    62. Re: No. by cyber-vandal · · Score: 1

      There aren't many adults with a BMI that low. There are many above 30. There are few people starving but there are millions eating themselves to death.

    63. Re:No. by skids · · Score: 1

      The justification for the health insurance mandate is that society isn't willing to let the uninsured die.

      And even in the self-serving viewpoint, this still applies, as care for the uninsured drains the important resource of people who feel morally obliged to help the sick or wounded for everyone, including premium payers. Except for the pathological cases, most people get this and don't think that punishing doctors and nurses to de-incentivise charity in the medical occupation is a worthwhile societal endeavor. So below a certain baseline of care, it is indeed like automotive liability insurance.

      All analogies break down eventually, of course.

      Proper administration of insurance programs is a fine balancing act between limiting moral hazard and providing the financial security necessary for a modern economy. Trying to apply simple first principles of political agendas directly to an advanced ethical system is a sophomoric exercise in futility, which is why, even were it not for greed and corruption, the general public would still be left out of the loop.

    64. Re: No. by skids · · Score: 1

      Really I think people personalize this issue way too much. Some aggregate data sets could be just as dangerous to society at large as individual records could be to an individual. A powerful and unprincipled entity running a big data operation could find various ways to manipulate sub-populations to their own advantage or according to some perverse ideology, and the more data they have the more likely this will happen. Even well meaning entities could manage to royally screw things up through unintended consequences, but if the data is first acquired by taking advantage of lax security or IT bugs, odds are higher the agency doing so has few good principles, much less a competent organizational structure supervising use of the data.

    65. Re:No. by Anonymous Coward · · Score: 0

      Doesn't matter when any govt agency (or employee) can get any and all info at their whim and disperse it to whoever they please.
      I have an elderly friend who has an untrained caretaker (i.e. a person to help with daily chores). This person has a complete medical history of said friend (due to state involvement), for reasons unknown. So might as well store the info in the cloud, as it really doesn't matter anyways.

    66. Re: No. by Gonoff · · Score: 1

      Not many people sure, but they are very influential. When I can see the ribs and collar bones of models then well, they are seriously unwell.

      Also if 18 is morbid, 20 is still pretty unhealthy and there are lots of these.

      --
      I'll see your Constitution and raise you a Queen.
    67. Re:No. by DontTrustWhatIType · · Score: 1

      Q: Should you store anything in the cloud?

      A: Only if you don't care if everyone in the world sees it and tries to use it against you.

      Funny, but largely not true.

      All you need to do is count the number of breaches on medical data and you will find a startling fact: On-prem (i.e., non-Cloud) is two orders of magnitude higher risk to you, the patient, than the Cloud. Securing data in AWS / Azure / EMC hosted environments is easier and safer than on-prem.

      Is it possible to screw up in the cloud? Yes. Is it possible for the NSA/CIA/FBI/Local law enforcement to get at your data through 3rd parties that are hosting it? Yup, but same with on-prem. Does the NSA/CIA/etc... already have access to all data on the cloud? Nope. Not even close.

      The cloud is not a happy safe place, but it is MUCH safer than any of the current alternatives.

    68. Re: No. by Cinnamon+Beige · · Score: 2

      Actually, from a medical standpoint BMI is a worse than bad measure--it basically assumes you've got a certain bone:fat:muscle ratio, which pretty automatically means it will start saying interesting things if you're not of the correct ancestry and lifestyle...and by lifestyle I mean it was developed to get it roughly okay maybe if your athletic endeavors are along the lines of 'middle manager who occasionally takes a walk for relaxation.' (Correct ancestry is a bit harder to pin down; probably Belgian given where it was developed.)

      Oh, and it's utterly useless for kids because they're not even physically scaled-down adults.

      Basically, if you're an athlete it's almost certainly going to insist you're morbidly obese, and if you want something that sucks? Try being where you're having trouble keeping a safe distance away from anorexia athletica--which has serious lifetime consequences--and getting people trying to get you to lose weight anyway because they consider the BMI accurate despite any and all evidence.

    69. Re:No. by Anonymous Coward · · Score: 0

      Come on guy do you really think insurance companies and employers won't use this information against you? Do you think they care if it is illegal or not?

      Wake up and smell the coffee.

    70. Re:No. by Cinnamon+Beige · · Score: 1

      The justification for the health insurance mandate is that society isn't willing to let the uninsured die.

      And even in the self-serving viewpoint, this still applies, as care for the uninsured drains the important resource of people who feel morally obliged to help the sick or wounded for everyone, including premium payers. Except for the pathological cases, most people get this and don't think that punishing doctors and nurses to de-incentivise charity in the medical occupation is a worthwhile societal endeavor. So below a certain baseline of care, it is indeed like automotive liability insurance.

      You do realize you just described the behavior of the Federal government as pathological, right? If you choose to accept Medicare/Medicaid, you actually pretty much have to stop being willing to treat anybody for free because the laws and regulations are written in such a way that this counts as your new lowest price which is the one the government will pay (eventually, if it decides to pay).

      The problem is that with how health insurance is going? Insurance isn't worth the money: what you're getting is effectively a catastrophic policy wrapped up with what may be a decent prescription drug policy, except you're being both sold and charged for a policy that (allegedly) covers distinctly more. If you wanted to avoid the problems of perverse results and incentives, it probably would have been vastly easier and more effective to either start health savings accounts, underwriting charitable clinics, or both.

      But that kind of falls under the same reason as why you don't want to have medical records on the cloud--while I can very much assure you that yes, paper records are risky, my own got entirely lost, the privacy risks remain since there's absolutely no requirement for the records going through even the most basic levels of data sanitation or security...and, honestly, you can and almost certainly will get the same kinds of problems with electronic records on top of all the other risks.

      It would be cheap and easy to just use a patient ID number on the records kept electronically, with the list that translates the ID numbers to names and contact information kept...not on the cloud, if it's kept electronically. It's a method used in research when you need to balance the anonymity of your research subjects but still be able to do follow-ups, because having the list means you can keep their identities as need-to-know information.

      A problem can exist without the most shiny technological solution being the perfect one. The method I mention has been used for decades, if not centuries--though I suspect its earliest adopters were people engaged in espionage and less-than-legal activities.

    71. Re:No. by david_thornley · · Score: 1

      Not with my medical insurance. My heart attack was pretty much a non-event financially, although much of that was due to my employer (I continued getting paid while I recovered).

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
    72. Re:No. by skids · · Score: 1

      You do realize you just described the behavior of the Federal government as pathological, right?

      The legislature is, arguably, on balance. It's hard to make such a call on the other branches; they are such a mixed bag.

      Don't know what insurance you have, but mine pays out pretty well for non-catastrophic, non-prescription purposes -- to our mutual benefit. I don't particularly mind paying more in premiums than I receive in services some years, the security is worth it. They probably saved themselves from substantial risk of treating me for a life-threatening illness years earlier than they now face.

      Simply anonymizing data sets is no longer sufficient. There's so much data out there that medical records can be linked to individuals with a high degree of certainty.

    73. Re:No. by sjames · · Score: 1

      Part of the problem in the U.S. is that insurance is misused in healthcare based on the principle every small child "knows": If you shift the spinach back and forth on your plate long enough, it eventually disappears.

    74. Re: No. by cyber-vandal · · Score: 1

      And those models are heavily criticised for promoting eating disorders whilst someone like Tess Holliday is held up as an example of body positivity when being that size is extremely dangerous. BMI may not be perfect but all I hear is denial, not a better alternative.

    75. Re: No. by cyber-vandal · · Score: 1

      Every argument against BMI is based on outliers and denial. OMG rugby players are obese so it doesn't matter that my BMI is 45. If your doctor is concerned about your weight then you should be listening to them, not trying to pretend the issue doesn't exist. Food addicts are just like any other addicts: they look for justifications as to why their addiction isn't bad.

    76. Re: No. by Anonymous Coward · · Score: 0

      My employer doesn't buy me insurance, so I got to see lots of plans that cost enough that I couldn't afford any expenses it didn't cover...and none of them had a deductible I could meet short of something catastrophic. I do have some recurring expenses, but protip

    77. Re: No. by Cinnamon+Beige · · Score: 1

      Oh, I've never had anybody who is actually licensed to practice medicine telling me to lose weight based on my BMI. I have, however, had a lot of morons who aren't the least bit qualified or licensed doing it. I'm not going to attempt to guess how much of this is because the BMI is an antique and outmoded metric.

      I will admit that it's apparently still pretty good when you're trying to analyze an adult population of sufficient size for the law of large numbers to give you a hand, but even then we've better equations that don't make weird assumptions about how the human body is made up...some of which have as the sole additional thing you need to calculate being the ability to do math problems that include decimal numbers. Ultimately, it's like a spherical cow: it's a highly simplified model that is useful only in very specific abstract and/or statistical circumstances, generally not at all wise to apply outside of those circumstances, and almost certain to get replaced with a better model...while people outside of the scientific field it's from will hold onto it beyond any reason describable to those who are in the associated field. (Seriously you can get vastly more accurate results as easily as using a few more digits, what is wrong with you people!?)

    78. Re:No. by Cinnamon+Beige · · Score: 1

      Apparently /. mobile edition has a hotkey to post without asking questions I somehow stumbled across...

      You do realize you just described the behavior of the Federal government as pathological, right?

      The legislature is, arguably, on balance. It's hard to make such a call on the other branches; they are such a mixed bag.

      No arguments there, really, though I'd say that simply failing to address the issue is sufficient to make it merely a question of what the pathology in question is.

      Don't know what insurance you have, but mine pays out pretty well for non-catastrophic, non-prescription purposes -- to our mutual benefit. I don't particularly mind paying more in premiums than I receive in services some years, the security is worth it. They probably saved themselves from substantial risk of treating me for a life-threatening illness years earlier than they now face.

      Since my employer doesn't buy me insurance, I got to look through my pick of plans and I paid attention to what gets covered and what the deductibles are, and most had the deductibles high enough that functionally it would be catastrophic coverage--except, really, I'd not be able to afford the premiums by the time it actually started covering much outside of the prescription benefits... I'm fine with the idea of paying more in premiums than I get in services most years; I just don't want to be told that a policy that is very unlikely to cover any services any year is a full health insurance plan.

      It's kind of like getting sold steak and being served chicken--you might not be against chicken, but if you wanted it you'd have ordered it, and at chicken prices instead of steak prices.

      Simply anonymizing data sets is no longer sufficient. There's so much data out there that medical records can be linked to individuals with a high degree of certainty.

      The simple methods of anonymizing data sets certainly aren't sufficient. I know because I've been around enough people doing biomedical research that there's protocols developed for that, too--but honestly I don't expect even the bare bones anonymizing protocols, as the consequences of data breaches for those being entrusted with this are functionally nonexistent.

      Basically? This has all the same problems as pretty much every single other type of personal data: there's no positive obligation to secure them, so bet on next to nil until it costs them to not secure it.

    79. Re: No. by cyber-vandal · · Score: 1

      So what's your easy to understand rule of thumb as to whether someone is overweight / obese or not? BMI isn't the be all and end all but all I've heard is that it's shit due to powerlifters, not what should be used instead.

    80. Re: No. by Cinnamon+Beige · · Score: 1

      Well, since I presume you want citations you can view instead of textbooks from bio classes... I'm going to start you with a news article that covers such things as the fact that even its inventor said it was not for use with individuals, then direct you to a medical news site that gives some of the alternates and covers the history, along with a site that has how to work a couple of the alternates. There's quite a bit of scientific lit on the whole topic of its accuracy and validity; you're on your own there, but yes, both things are different and are important for a measure to be much good.

      As for the easy-to-understand rule of thumb? The waist-to-hip ratio is probably the most simple one to work, but you actually have to take out a tape measure--natural waist to widest part of hips; greater than 0.85 for women and 1 for men is usually given as the mark for obesity. I prefer flat-out body fat measuring, and the one that just tweaks the exponent and constant can be found in its raw form and in a calculator form on the list I gave. (That said, I think my doctors just eyeballed my waist to hip ratio, considered my build, and the fact that I tend to forget to eat...)

      Really, the thing that ought to be surprising isn't that the BMI is not a good measure on the individual level but that, over a sufficiently large population, it is safe to assume everybody is a white adult male office worker.

    81. Re: No. by cyber-vandal · · Score: 1

      I agree with hip to waist ratio although I've a feeling that it won't give the most vociferous BMI deniers the validation they seek. Calipers aren't great and immersing in water isn't really very practical. In any case focusing on the fact that the measure isn't perfect instead of recognising that there is a significant problem with obesity is not helping anyone.

    82. Re: No. by Cinnamon+Beige · · Score: 1

      And this is how I know you're not much into biomedical sciences, since I'm generally not comfortable with keeping in use a measure that relies on the law of large numbers when that use contributes to people developing a fetishistic attachment to using it on an individual level...and if you don't understand the problem, you might want to read up a bit on error in statistics.

      As for the rest--if you're fine with the process and have somebody trained to use it, calipers have serious perks (how your body distributes fat has health implications), immersing in water is the most practical way of being absolutely sure of the body's density, and you've been ignoring my point that there's serious problems with having people who are not licensed to practice medicine pressuring people who are not obese to lose weight. The solution to the obesity epidemic should not be fueling the eating disorder epidemic.

    83. Re: No. by cyber-vandal · · Score: 1

      I've ignored your point because I'm not entirely sure where you're going with it. You say assholes have told you to lose weight. Who are they? No I'm not a biologist, I'm someone who knows how much more comfortable it is to be at a BMI of 23 than 33.

    84. Re: No. by Cinnamon+Beige · · Score: 1

      I am in the bio field and know somebody whose athletic career was pretty much destroyed by anorexia athletica. (I suggest you try looking it up.)

      Also, I'm still trying to figure out how you've managed to miss the whole problem with girls becoming more and more prone to eating disorders; these all have long-term serious health consequences even when they're not fatal, and a decent part of this is because the body image girls are pushed to adopt are ones that owe a lot to models who may well be underweight even for their build & image manipulation. It's generally most comfortable if you're female to not have people harassing you for not being supermodel-picture thin.

      If you have forgotten, this whole discussion is about whether somebody should trust their daughter's medical records to the cloud, and this thread traces back to somebody pointing out that adservs might pull out her BMI and start shoving ads for diet aids at her.

      I don't know if you have ever noticed but adservs are quite stupid, and in my experience the diets you see ads for online are pretty reliably snake oil--they might work, but about the safest thing that'd cause you to lose weight at that rate would be tapeworms, plus bad dieting practices can wreck your metabolism for life.

    85. Re: No. by cyber-vandal · · Score: 1

      So who's been telling you to lose weight?

  2. Possible, but difficult by Anonymous Coward · · Score: 1

    Cloud storage can certainly be done secure. Consider tarsnap for a service doing exactly that. It also shows the central issue that must be addressed: full client side encryption. The cloud provider should have no access to identifying information and no access to the keying material itself. As long as that is ensured, cloud storage can be secure.

    1. Re:Possible, but difficult by Anonymous Coward · · Score: 5, Insightful

      Cloud storage can certainly be done secure.

      Yes it can.

      But it never is.

      Doing *ANYTHING* properly and securely requires a lot of time, effort and money. Your company's employees are lazy and stupid, and following strict rules is too inconvenient and too much work. Your company's management only cares about cutting expenses because less spending = more promotions and bigger bonuses, AND, when a major breach occurs, the people who refused to allocate the necessary resources to prevent it from happening, are rarely the people who get fired.

    2. Re:Possible, but difficult by david_thornley · · Score: 1

      Cloud operations are typically done by (or at least under the supervision of) competent people. This is not necessarily the case in non-cloud servers.

      AWS doesn't want to drive people away, so they have incentive not to screw up too badly. Again, this is not necessarily the case for private servers.

      Neither solution is perfect. Both are usually workable.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  3. In a word by Anonymous Coward · · Score: 1

    No.

    The fact that "everybody is doing it" does not imply it is in any way or form a good idea.

  4. No. (Next.) by Anonymous Coward · · Score: 5, Insightful

    What HIPAA guarantees does CareMonkey make?

    Read the fine print carefully, I'm sure there are loop holes the size of Montana.

    1. Re:No. (Next.) by Anonymous Coward · · Score: 0

      I could not find a HIPAA compliance statement on any page of that company, so I would say NO. What happens when this company goes belly up and sells all "assets", including your health record, to the highest bidder?

    2. Re: No. (Next.) by Anonymous Coward · · Score: 1

      The OP is from the UK where we've never heard of HIPAA. Also health insurance for our National Health Service is the same regardless of ailments.

    3. Re:No. (Next.) by nbauman · · Score: 1

      What HIPAA guarantees does CareMonkey make?

      Read the fine print carefully, I'm sure there are loop holes the size of Montana.

      One of the loopholes in HIPAA is that law enforcement has access to the medical records. Another loophole is that any judge can issue a subpoena for your medical records in a criminal or civil case if it's in "the interests of justice." https://en.wikipedia.org/wiki/...

    4. Re:No. (Next.) by Anonymous Coward · · Score: 0

      How is that a loophole around HIPAA? Whether they are in the cloud, a datacentre of your company or a filing cabinet of a doctor's office, they are available via subpoena.

  5. No (Next) by Anonymous Coward · · Score: 1

    What HIPAA guarantees does CareMonkey make?

    Who's going to be viewing your daughter's medical records? Do you trust everyone in CareMonkey, everyone in AWS?

    Read the fine print I'm sure there are loopholes the size of Montana.

    1. Re: No (Next) by Anonymous Coward · · Score: 0

      Echo!

  6. Specific reason by Archfeld · · Score: 4, Interesting

    Why is he required to give a specific reason? Either give your authorization or withhold it, and do not volunteer a specific reason for or against the use. I personally don't see a reason why not; IF the storage vendor can qualify as HIPAA compliant it seems like a decent idea, but I can see where the possibility of leaked data can have a negative impact on continued health care coverage as well as on future coverage in both healthcare and life insurance, not to mention employment issues.

    --
    errr....umm...*whooosh* *whoosh* Is this thing on ?
    1. Re:Specific reason by magarity · · Score: 2

      IF the storage vendor can qualify as HIPAA compliant

      There's no qualification or certification or anything for HIPAA. It's just a legal and regulatory set of requirements. Most (not all) of the major health insurers have suffered data theft and they're all covered by HIPAA. When it happens they get a fine and some news coverage and the data is out in the wild anyway. The same goes for this outfit doing the data storage on AWS.

    2. Re:Specific reason by TheGratefulNet · · Score: 4, Interesting

      nice attempt at trying to turn it around (not the poster, the article).

      having to give a reason is so backwards! they should have a good reason TO put it online.

      my answer would be flat out 'no'. period. full stop.

      if they insist on an answer why, simply say 'I have some background in computer security, that's why'.

      doubtful they will push further than that.

      amazing that some people that you'd think would be smart, suggest such bone-headed ideas.

      have we not had almost a weekly break-in news article about this or that data breach?

      just WHY would anyone suggest putting med info online - its clearly because they stand to make money from it, but they could care less if data gets out.

      now, make them $1M liable for any breach and we'll talk. and I want the money in escrow, first, before I believe you.

      --
      "It is now safe to switch off your computer."
    3. Re:Specific reason by Archfeld · · Score: 3, Informative

      There are certain rules. Data encryption both in storage and in flight is a requirement. There are also reporting time requirements for security breaches as well as periodic auditing requirements, but essentially you are correct. You just have to be able to show that you have a plan and a set of rules in place to deal with possible failures and that you have taken basic steps to ensure the security of the data.

      --
      errr....umm...*whooosh* *whoosh* Is this thing on ?
    4. Re:Specific reason by Anonymous Coward · · Score: 0

      The problem is they lie about the planning and steps. The requirement is to fill out forms, not actually do anything.

    5. Re:Specific reason by vtcodger · · Score: 2

      "having to give a reason is so backwards! they should have a good reason TO put it online."

      Reasonably secure offsite storage that is (presumably) easy to integrate with the school's existing IT. It'll be embarrassing if an electrical fire in the school office incinerates all the school records and it turns out there is no paper or digital backup.

      The problem of course is that many (most?) IT professionals have substantial doubts that the "secure" part of "secure offsite storage" is doable with 2016 cloud technology.

      --
      You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
    6. Re:Specific reason by dcollins · · Score: 1

      It was awkwardly phrased, but I read that not as the OP needing to give a reason to the school, but rather Slashdot wanting to see a reason from posters, so as to make an interesting discussion thread.

      --
      We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
    7. Re:Specific reason by Anonymous Coward · · Score: 0

      There are certain rules. Data encryption both in storage and in flight is a requirement. There are also reporting time requirements for security breaches as well as periodic auditing requirements, but essentially you are correct. You just have to be able to show that you have a plan and a set of rules in place to deal with possible failures and that you have taken basic steps to ensure the security of the data.

      Well, you're right, but here is how it is in real life. I pen test for HIPAA requirements; yes, I am the guy doing the periodic auditing, and let me tell you, security is a disaster at EVERY hospital I have tested. Some sites which I have tested several years in a row have fixed nothing by the next year I come around. At one major hospital I tested and raped the network and all patient data; the Domain Administrator's password was "password". (I'm not kidding.) I come back the next year and the password is still the same. Hell, I checked Fred Flintstone into the hospital and scheduled him for surgery the next day. Like I said, did they fix anything after their audit? No, not a thing.

      With PCI/DSS there are controls in place: if you don't clean up your network, you can't take credit cards. VISA will cut you off. With HIPAA there is no enforcement, so hospitals just go through the motions. For a business, not taking credit cards means you lose money, so you have a reason to actually secure your network. With healthcare, since there is no enforcement and no threat of the healthcare company losing money, nothing is fixed and your personal information is just hanging out there for the taking. HIPAA is a joke.

      Should this guy be worried about his children's records? YES. Are they safe on AWS? NO. Did you know that what you think is internal traffic on AWS might be routed over the public network? It could be. I have tested AWS where a company had several internal subnets on AWS. Let's say you have a server at 10.0.2.10 and another on a different network at 10.10.0.12. You would think that the routing would all be internal. A traceroute between these two may show public IP addresses between these two systems. That means your traffic is, for a time, on the public network. Not the right or proper thing to do. Yes, this caused big problems for a client when I found this: his card data was going over an open network unencrypted and he thought it was all internal.

      The scary part is not the records but the fact that you could get killed by this insecure network. Drug pumps, EKG machines, and heart monitors are all on the same network with the nurses' computer and they all have internet access. If you are hooked up to a drug pump running XP Embedded and somebody hacks the pump, they could give you a hot shot. Think about that.

      In 20 years of testing and auditing I have never seen a secure healthcare network.

      The password protecting all your records could very easily be "password". Think about that. I'm not kidding.

    8. Re:Specific reason by Archfeld · · Score: 1

      You are preaching to the choir. I worked in the banking industry for quite some time in the contingency recovery department. Banks have to have their secure data backed up and a plan in place to prevent them from being closed for more than 3 consecutive days. The hoops we jumped through and the crap that was put forth would greatly resemble what you have described.

      --
      errr....umm...*whooosh* *whoosh* Is this thing on ?
  7. Does HIPAA allow this? by Anonymous Coward · · Score: 0

    Isn't this like blood in the water for class-action sharks, I mean lawyers?

  8. Not only no by Anonymous Coward · · Score: 0

    But HELL NO. Time and time again we see "the cloud" is somebody's wide open mongodb instance that the whole world has read access to.

    1. Re: Not only no by Anonymous Coward · · Score: 0

      But then we'll have less fappenings, cause ya know we haven't learned anything. Oh and dic pix...

    2. Re: Not only no by Anonymous Coward · · Score: 0

      I dunno about you but I'm not really interested in J-Law's colonoscopy records.

  9. No. by bmo · · Score: 4, Interesting

    No.

    There is already something called MedicAlert, run by the MedicAlert foundation. It's those little bracelets that have a number on the back and EMTs and other emergency professionals seeing these are trained to do a lookup.

    It's a system that works that doesn't need "the cloud." You don't even need a computer or smartphone to access the system. Just a phone. Which means it will work where there is no cell service and can work where there isn't even phone lines - radio operators can do a phone patch.

    It's /better/ than "cloud based systems" that need fancy hardware to access, which we have seen to be poorly run and insecure.

    --
    BMO

  10. Um....obvious answer... by Anonymous Coward · · Score: 0

    Should you store medical data on someone's cloud server?....heck no.

    Should you store medical data on someone's cloud server that **you know from personal experience is not very secure** just because they say yep, it's secure?.....I guess there really are stupid questions after all.

    1. Re: Um....obvious answer... by Anonymous Coward · · Score: 0

      Good luck with that, many medical providers store patient data on cloud servers, like Athena.

  11. Yeah. Why not? by fustakrakich · · Score: 2

    We can all stop pretending we have any privacy. I like the idea of a doctor having access no matter where I am.

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:Yeah. Why not? by bmo · · Score: 1

      I was going to post an argument why your assertion is wrong, that just because some privacy has disappeared that we should give up all of it.

      I'm just going to ask you:

      What is your bank account number, DOB, last 4 digits of your SSN, and mother's maiden name?

      --
      BMO

    2. Re:Yeah. Why not? by Anonymous Coward · · Score: 0

      I suspect that HIPAA and a general lack of tech savviness prevent your doctor from pulling up your medical records pronto. The newfangled Hawaii 5-0 where they can pull up any info on anybody is still just a fictional creation. If only.

    3. Re:Yeah. Why not? by Anonymous Coward · · Score: 1

      So you are declaring that you are a doctor then? Doctor bmo?

    4. Re:Yeah. Why not? by bmo · · Score: 1

      It's a good thing you decided to post as AC, because if I was going to post what you just posted, I would hate it if people thought I was as dumb as your post.

      --
      BMO

    5. Re:Yeah. Why not? by Anonymous Coward · · Score: 0

      That was part of the point he was trying to make - it's not about "a doctor", it's about a fucking school that wants to store private medical details with a commercial company that uses AWS. Those are three parties, none of which should have access to medical data.

    6. Re:Yeah. Why not? by BitterOak · · Score: 3, Insightful

      We can all stop pretending we have any privacy. I like the idea of a doctor having access no matter where I am.

      That's easy to say when you're relatively healthy, and doctor visits have been for routine things like throat infections, a broken arm, maybe an appendix out, but you might feel differently if you're diagnosed with a mental illness, an awkward venereal disease, or something else you'd like to keep private. Once you agree to this scheme, it might be hard to get out of it.

      --
      If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
    7. Re:Yeah. Why not? by Oligonicella · · Score: 1

      Then you of course, may sign the waiver. My doctor keeps paper records. That's a level of privacy digital information does not possess.

    8. Re:Yeah. Why not? by Antique+Geekmeister · · Score: 1

      It's not "the doctor having access". It's the access by unknown and untraceable third-party staff members. Medical information contains a great deal of privileged information, including the identity of family members, family history, billing addresses with credit card information and social security number. It also includes data that workplaces are not allowed to ask about, such as age, chronic illnesses, and pregnancy. Such information is also politically very sensitive: discovering that a political opponent has been treated for a venereal disease or depression, finding that a female candidate is pregnant, or discovering that a right-wing candidate's children have had abortions, can be political gold.

    9. Re:Yeah. Why not? by Antique+Geekmeister · · Score: 1

      > it's about a fucking school that wants to store private medical details

      Schools need at least the student's immunization records, doctor contact information, history of allergies, and a record of treatments received at the school.

    10. Re:Yeah. Why not? by Anonymous Coward · · Score: 0

      Schools need at least the student's immunization records, doctor contact information, history of allergies, and a record of treatments received at the school.

      For the last part, the school would have to maintain that for themselves; a school nurse can't (legally) treat more than boo-boos. The rest, still none of their business. There isn't a law for students to be immunized (no matter how loud some groups are screaming for it), they don't need to know what doctor a student is seeing (think, "hey, why is that 14 year old girl going to a gynecologist, is she pregnant, we have to call an exorcist!!" etc).... again, it's a school, not a medical care center.

    11. Re:Yeah. Why not? by techno-vampire · · Score: 1

      Exactly. Paper records are far more secure than digital ones can ever be because you need to get physical access to examine them. Anybody who trusts any of their private information to the cloud is nothing but a common, ordinary F-O-O-L.

      --
      Good, inexpensive web hosting
    12. Re:Yeah. Why not? by Anonymous Coward · · Score: 0

      We can all stop pretending we have any privacy. I like the idea of a doctor having access no matter where I am.

      Obvious troll is obvious.

    13. Re:Yeah. Why not? by rudy_wayne · · Score: 1

      > it's about a fucking school that wants to store private medical details

      Schools need at least the student's immunization records, doctor contact information, history of allergies, and a record of treatments received at the school.

      OK. That's a fair point. Except this information was not instantly electronically available in the past and schools seemed to do just fine.

      This is another example of "Just because you can do something doesn't mean you should"

    14. Re:Yeah. Why not? by Anonymous Coward · · Score: 0

      (S)he does not have to put it in the cloud to do this. If he has it on his server he could RDP in to his office and access it that way. Why would you want your doctor to trust your confidential information to the cloud?

    15. Re:Yeah. Why not? by fustakrakich · · Score: 1

      All connected computers are "in the cloud", by default. The entire internet is a giant party line. The doc's server is just as vulnerable. RDP? My god! How can the cloud be any worse?

      --
      “He’s not deformed, he’s just drunk!”
    16. Re:Yeah. Why not? by Sir+Holo · · Score: 1

      We can all stop pretending we have any privacy. I like the idea of a doctor having access no matter where I am.

      You've obviously never been a person randomly selected for a 'frame job'. They really do occur.

    17. Re:Yeah. Why not? by fustakrakich · · Score: 1

      Yeah, it's already too easy to make shit up, and it's the listeners who believe and act in bad faith that are to blame for making it so easy. Everybody is wagging the dog.

      --
      “He’s not deformed, he’s just drunk!”
    18. Re:Yeah. Why not? by Rockoon · · Score: 1

      Paper records are far more secure than digital ones

      ..and their uptime is more reliable.

      --
      "His name was James Damore."
    19. Re:Yeah. Why not? by robot5x · · Score: 1
      This exact problem has already been solved for a number of years, here in New Zealand of all places.

      The government recognised there is a public health issue in school vaccinators/GPs having up to date info on immunisations, so they could schedule vaccination programmes and quickly know where low coverage rates existed in case of an outbreak.

      So - the school carries out vaccinations, and the details get electronically transmitted (using HL7 protocol) to a central register managed/hosted by the ministry of health. Similarly, if a kid goes to their doctor and gets a jab there, the GP uses their own local system to query that register, download details of other immunisation events, and add ones they do there. It all syncs with this central register, and seems to work very well.

      That way, in case of an outbreak in a particular region, they can easily know who is at risk and send nurses into a specific school to notify teachers and parents.

      This is the *only* use case other than allergies I can imagine schools needing any contact with medical info, and even then - they should not be storing it locally or via any kind of cloud site, if an effective solution like this can be done in a small country like NZ. Is there a reason something similar couldn't be done centrally in the US, with federal/govt money or is the system that deregulated?

      --
      Hej! Nasi tu byli!
    20. Re:Yeah. Why not? by Anonymous Coward · · Score: 0

      until a pipe bursts or you have a fire

    21. Re:Yeah. Why not? by Rockoon · · Score: 1

      patients aren't being treated at the burning facility

      --
      "His name was James Damore."
    22. Re:Yeah. Why not? by nbauman · · Score: 1

      > it's about a fucking school that wants to store private medical details

      Schools need at least the student's immunization records, doctor contact information, history of allergies, and a record of treatments received at the school.

      How much information do they need? Doctor contact information and immunization should be enough. Very few schools treat students at the school any more.

    23. Re:Yeah. Why not? by Antique+Geekmeister · · Score: 1

      > How much information do they need?

      That is a key question. Schools are often the available caregivers, with the legal responsibilities described as "in loco parentis". They are responsible for the child's safety on the school grounds, including the child's medical safety. How much information does a nanny, a babysitter, or an athletic coach need to handle emergencies? Anaphylactic shock from a bee-sting or peanut allergy can kill within 30 minutes, much too long to obtain medical records from a highly secured third-party system. If a caregiver doesn't know about the condition and doesn't have the right tools available, this can be fatal. Asthma, epilepsy, and diabetes can all create dangerous and confusing reactions for children who may themselves panic and not be able to self-diagnose. And since the discovery of AIDS, schools have understandably become much more aware and cautious about long-term infections, even if the parents and their teachers try to provide as "normal" a life as possible for the child and keep quiet about their illnesses.

      I also recall a child from long ago, when I was much younger. He had cystic fibrosis, and his school needed very extensive medical records. He was a wonderful child, one of those chronically ill people who appreciates that every breath might be their last and lives life to its absolute fullest. The school and community collaborated to help him attend normal school. His family's friends, and soon his own friends who happened to be adults, provided the extra hands-on medical care the school could not possibly afford. I was asked to help because I was the only one available who could visit after school lunch and who would _beat_ him properly. He needed chest percussion several times a day to help him cough up mucus. There are some technological replacements for this chest percussion now. But to the best of my knowledge it's still most effective done by hand, and preferably by a friend who appreciates that they are saving the child's life.

      It's an odd talent, but one I treasured being able to share with the child. I'm sure he died decades ago: cystic fibrosis patients don't have a long life expectancy. But the lessons about living life to the fullest resonate: I hope to have some small fraction of his courage and zest for life as I age further.

    24. Re:Yeah. Why not? by cellocgw · · Score: 1

      It's a good thing you decided to post as AC, because if I was going to post what you just posted, I would hate it if people thought I was as dumb as your post.

      Can't resist pointing out that here's a case where being as dumb as "your post" is equivalent to being as dumb as a post.

      --
      https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
    25. Re:Yeah. Why not? by JohnFen · · Score: 1

      Schools are often the available caregivers, with the legal responsibilities described as "in loco parentis". They are responsible for the child's safety on the school grounds, including the child's medical safety.

      In my area, schools provide zero medical attention to students. They literally aren't even allowed to apply bandages. If a student has a medical problem that requires attention, the school just calls the parents or, if it's urgent enough, an ambulance. In that situation, all of the information the school actually needs can be covered with a MedicAlert bracelet.

      They don't even need immunization records: parents are expected to supply proof of immunization, so parents keep the records.

    26. Re:Yeah. Why not? by Antique+Geekmeister · · Score: 1

      > In my area, schools provide zero medical attention to students. They literally aren't even allowed to apply bandages.

      Really? That may be fiscal and legal. The schools I've dealt with were in fairly large school districts, with at least one school nurse on staff and any treatment administered in that nurse's clinic space.

      Can you verify that they're not allowed to handle epinephrine pens? The anaphylactic shock from profound allergies can kill within 30 minutes, much too long to be confident of a timely ambulance response or parental arrival at the school.

    27. Re:Yeah. Why not? by nbauman · · Score: 1

      My understanding is that the grade school and high school nurses of years ago have been cut from the budgets of most schools. I'd be happy to find out otherwise, but I expect that only the most affluent schools have nurses.

      In New York City, they don't have school nurses doing screening for vision problems any more. There was some deal recently where the City paid for an outside contractor to come in and do vision exams at an exorbitant price.

      Colleges and universities don't have clinics any more, where students with a virus that's going around could spend a night or two. The schools just send them home.

    28. Re:Yeah. Why not? by RockDoctor · · Score: 1

      Very few schools treat students at the school any more.

      And nor should they, for anything more complicated than applying sticking plaster, extinguishing burning flesh, diluting topical corrosive chemicals, applying pressure bandages to major bleeds, and using the defibrillator. Everything else, it's either parent collects child from school, or school takes child to emergency room, where parent collects child. Apart from the sticking plaster, the rest would probably require police and ambulance to the school anyway.

      --
      Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
    29. Re:Yeah. Why not? by Sir+Holo · · Score: 1

      Yeah, it's already too easy to make shit up, and it's the listeners who believe and act in bad faith that are to blame for making it so easy. Everybody is wagging the dog.

      At least one other person has their eyes open. Thanks.

    30. Re:Yeah. Why not? by Anonymous Coward · · Score: 0

      We can all stop pretending we have any privacy.

      It's people like you and your attitude that are the reason we have no privacy: you care nothing about others and only for yourself. I do hope your personal data is breached and your life ruined, or maybe you'll end up in a hospital on a drug pump and die from an overdose because someone hacked into the pump. I'm sure you'll want your Doctor to have easy access then.

      Once your data is breached and your life ruined you'll then understand the reason for privacy.

    31. Re:Yeah. Why not? by Anonymous Coward · · Score: 0

      Oh please! Stop being such a drama queen! You people are so politically correct. Just stop...

    32. Re:Yeah. Why not? by sjames · · Score: 1

      None of those require that the school have extensive medical records. They only need to know the condition, any restrictions it imposes, and the recommended first aid for the condition.

      Yes, CF needs more than the others since it is a constant thing and requires regular treatment, but even there they don't need a complete history, only what must be done now and contact info for the primary physician.

    33. Re:Yeah. Why not? by sjames · · Score: 1

      You still need backups, of course. Without backups, the situations you mention will quickly wipe out electronic records.

  12. No, don't even think about it by Anonymous Coward · · Score: 0

    Unless your daughter has a condition that requires very specific knowledge then the answer is no.

    I would think about it if say she was highly allergic to something, and it could kill her. But in reality I doubt it is as "integrated" and used as advertised to make much difference, so the answer is still no in that case. Better to have her wear a medical tag/bracelet with that information on it.

    1. Re:No, don't even think about it by magarity · · Score: 1

      Unless your daughter has a condition that requires very specific knowledge

      Then it would be even worse to risk having one's health data stolen. Imagine when she's grown up and is surreptitiously denied employment over it.

  13. No by Anonymous Coward · · Score: 0

    I have yet to see a cloud storage company that was HIPA compliant.

    1. Re:No by Tailhook · · Score: 1

      AWS signs HIPAA Business Associate Agreements with covered entities every day. There is a subset of services (EC2, S3, EBS, etc.) that meet HIPAA requirements and I know for fact that CMS approves of such systems. So, whatever your notion of "HIPA" (sic) compliance is, there is plenty of HIPAA covered PHI on at least one major cloud provider.

      --
      Maw! Fire up the karma burner!
  14. Error on the site by Anonymous Coward · · Score: 0

    If CareMonkey can't tell the difference between Demos and Demo's (first tab as soon as you get onto their site), then what makes me think they know the difference between the different security protocols? Sure it's just a stupid thing on their website, but small things matter when you start to dig into the details.

    1. Re:Error on the site by Anonymous Coward · · Score: 0

      I don't think spelling mistakes should disqualify someone's technical prowess. One of the smartest cryptographers I know cannot help but type "allready" (with two l's) every single time, but that's probably because English is not his first language.

  15. Replace "the cloud" by Bizzeh · · Score: 1

    Replace "the cloud" in everything written with "some virtual machine(s) somewhere within an amazon data centre in a specified location", otherwise known as, a virtual private server.

    The cloud is a fancy sales word for a set of scripts that a VPS provider uses to make it easier to deploy to and manage their VPS system. Nothing more. There is no more risk in putting medical info on a "cloud" server than there is on any other internet facing server, not that all cloud servers are cloud facing.

    For example, I have several Azure MSSQL cloud instances, none are internet facing, but they still afford the scaling that "cloud" services give.

    1. Re:Replace "the cloud" by Kjella · · Score: 1

      Well, except the whole part about "the cloud" is that you don't particularly know or care where the server is, who's running it or who's got admin access. It just scales up and down, they provision something for you somewhere on some hardware. If you only look at external hackers then sure internet facing == internet facing and if that's the only threat scenario you care about, fine. Go put it in the cloud.

      --
      Live today, because you never know what tomorrow brings
    2. Re:Replace "the cloud" by Anonymous Coward · · Score: 0

      I get it, you are saying that "the cloud" is just some set of virtual servers and all. True enough. But it is simpler to replace all instances of "the cloud" with "someone else's computer". For example:

      "Should I allow my daughter's medical data to be stored in the cloud?" would become:

      "Should I allow my daughter's medical data to be stored on someone else's computer?"

      It doesn't matter that it is a VM created by a script running against some massive storage in a data center. The thing that matters is that it isn't yours. Now, we can all argue until we are blue in the face whether that is good or bad. Some people will say their own computer is more secure than some unknown person's computer. Others will say that the majority of personal computers are insecure and a for-profit company with professional developers and sysadmins can secure their stuff a lot better than a novice at home. Who knows which is right? But the distinction is one of your computer / their computer.

    3. Re:Replace "the cloud" by bloodhawk · · Score: 1

      Where it is and who has admin access are still critical with cloud deployments, and all the big players make it a huge selling point that those features are available to enterprise. Regardless, though the cloud is in theory somewhat risky, the truth is most companies manage their networks and datacentres far worse than the large cloud providers.

  16. Records are already in the "cloud" by Anonymous Coward · · Score: 0

    Whether you are talking about cloud hosting (like AWS) or dedicated infrastructure in a traditional colo facility, your health records are likely already in someone's cloud or will be shortly. The staff at my GP uses a web application hosted by an industry IT provider to record and review all records. Whether you insist on receiving a paper copy makes no difference - the data is already there. I find having access to the records is very convenient. Just use the same common sense security you would for your online banking.

  17. I would advise against it by mhkohne · · Score: 1

    And the reason I'd give is 'I don't think I can trust you'. Because that's what this comes down to - you have NO idea who these people are, really, and from what I've seen of school related software (I've got two kids in one district, and my wife teaches in another), most places selling to schools hire the people who underbid the lowest bidder.

    --
    A thousand pounds of wood moving at 300 feet per minute. Don't get in the way.
    1. Re:I would advise against it by TheGratefulNet · · Score: 1

      And the reason I'd give is 'I don't think I can trust you'.

      funny, I say that to companies that I have to deal with as a consumer, such as comcast (for an example). I don't give them my home #, or I give a number that I used to have but let expire. I won't give them my cell # since I don't trust them not to abuse it. I don't have a landline anymore (most people don't) and I'm NOT going to give out my real actual cell # to some company who just seems to 'really want it'. if I have a problem, I'll call you. I don't need you calling me. again, I DON'T TRUST YOU.

      so, say that. let them get used to hearing it. maybe it will sink in.

      we stopped trusting you, mr. big corp. you don't get my real email addr and you don't get my cell phone #. you get my billing addr and other billing info, but you do not get the right to call me.

      some school asking to store healthcare info would get the same reply. we don't trust you. nothing personal, but you - as an industry - are not trustworthy. sorry. no can do. maybe talk to little bobby tables, his parents might be ok with having his data online. do you need his number?

      --
      "It is now safe to switch off your computer."
  18. NO!!!, and a couple of additional questions... by QuietLagoon · · Score: 4, Insightful
    Even if every security protocol in existence were used, are they being used correctly? Additionally, what does the ToS for the service say? Are there any third-party "business partners" with whom the data are shared? Even if it were shared with personally identifiable data removed, it can still be used to identify someone.

    A treasure trove of medical information "in the cloud" is lusted after by too many corporate entities who have little or no regard for privacy; they just want access to more data.

    What business arrangements are being made with the school by CareMonkey? What data, besides medical information, is the school sharing with CareMonkey?

    If it were my children, I'd run fast and far from this data harvesting Trojan horse.

    1. Re:NO!!!, and a couple of additional questions... by ColdWetDog · · Score: 3, Insightful

      1) I would not trust anything by a company called "CareMonkey". Period.

      2) Much less anything covered by "all" security protocols. (Maybe even ROT-13, twice.)

      3) And finally, Betteridge's Law of Headlines.

      --
      Faster! Faster! Faster would be better!
    2. Re:NO!!!, and a couple of additional questions... by ThosLives · · Score: 1

      I would not trust anything by a company called "CareMonkey". Period.

      Seconded.

      Seriously, whatever happened to even pretending to be professional?

      --
      "There are a dozen opinions on a matter until you know the truth. Then there is only one." - CS Lewis (paraphrase)
    3. Re:NO!!!, and a couple of additional questions... by thegarbz · · Score: 1

      A treasure trove

      For the overwhelming majority of people I think it would more be a coin that some 5-year-olds buried in the back yard under an X. Medical information is utterly boring unless you suffer from something that could either disqualify you from something else, or someone can sell you something to fight it.

    4. Re:NO!!!, and a couple of additional questions... by Cro+Magnon · · Score: 1

      I like their choice of name. At least it's more accurate.

      --
      Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
  19. In soviet Russia... by Anonymous Coward · · Score: 0

    ...medics store YOU!

  20. Paper Forms are a Security Enhancement! by Anonymous Coward · · Score: 1

    Paper forms are 1000x more secure than electronic records. Put them in a locked filing cabinet and all you have to worry about is someone in your office getting the key. Put them on a networked computer and now you have to worry about EVERY hacker on the entire fucking internet.

    We need to go back to using paper. 99% of the data on medical forms is write-once read-never. File that shit under lock and key and just keep the bare minimum online for regular access.

    1. Re: Paper Forms are a Security Enhancement! by Anonymous Coward · · Score: 0

      Except when it comes to auditability. Paper actually sucks at telling me who else has accessed the document, not to mention the number of cases over the years of people discovering hundreds of thousands of medical papers in recycling or the garbage. If done securely I would say electronic form is far more secure, as it has been proven time and again that paper form is definitely not secure; doctors aren't security or privacy experts, and expecting them to keep it secure is moronic.

    2. Re: Paper Forms are a Security Enhancement! by nbauman · · Score: 1

      I write for medical newspapers. During the AIDS epidemic, I wrote a story about confidentiality of medical records. At that time, people were losing jobs, losing housing, losing their friends, being disowned by their families who found out they were gay, and generally stigmatized, when people found out they had AIDS. All kinds of people could subpoena medical records for all kinds of reasons (divorce, for example).

      I talked to a doctor, who was kind of a gay activist, and one of the few gay doctors treating AIDS. He told me, "I promised my patients that I will keep their medical information confidential. I will burn my records before I break that promise."

      You can do that with paper records. You can't do that with electronic records, because there are backups.

    3. Re: Paper Forms are a Security Enhancement! by JohnFen · · Score: 1

      This.

      One of the reasons I love my doctor is that he keeps two sets of records: the set that is shared with other doctors and insurance companies, and a "private notes" set that includes things that are likely to be harmful to his patients if they would be disclosed (drug use, STD history, etc.). The "private notes" are not shared (outside of a court order, I suppose), and are destroyed when the information is no longer relevant.

      He started doing this to make sure his patients knew he was a safe place and they could actually be honest with him.

    4. Re: Paper Forms are a Security Enhancement! by nbauman · · Score: 1

      One of the reasons I love my doctor is that he keeps two sets of records: the set that is shared with other doctors and insurance companies, and a "private notes" set that includes things that are likely to be harmful to his patients if they would be disclosed

      That's right. That's a not-uncommon practice among some doctors, and a good idea. The tough question is what happens when the doctor gets a court order. I assume that some doctors would pretend that the private notes don't exist, and take a chance. It's reasonable for a doctor to conclude that his obligation to medical ethics supersedes his obligation to the law.

      If I recall correctly, Massachusetts General Hospital had a computer system in which there were separate systems for AIDS treatment and for mental health treatment, so that information about stigmatized conditions could be kept confidential. I'm not sure how the details worked.

      At the time I was following it, lawyers told me that you could legally see a doctor, give a false name, and pay in cash. A lot of people paid psychotherapists in cash. A lot of STD clinics allowed or encouraged patients to use pseudonyms.

      One doctor told me that patients would give names like "Donald Duck" or "Ronald Reagan."

      I imagined the doctor saying, "Mr. Duck? Please come into my office and we'll discuss your tests."

    5. Re: Paper Forms are a Security Enhancement! by Anonymous Coward · · Score: 0

      You can just as easily do that with electronic records.
      The electronic one has the safe data.
      The doctor makes a paper copy of the unsafe data.
      Or he keeps it in electronic form on an off-network box that he owns the backups of.

      A big problem is the legal issue. A doctor cannot legally destroy medical records for active patients in most, if not all, states.
      And a doctor who destroys all his medical records will lose every malpractice claim brought against him and probably his license as well.
      Heaven help him if one of his patients dies of a pain-killer prescription overdose. The feds would not overlook the destruction of records.
      I salute the doctors who took these risks to protect their patients.

    6. Re: Paper Forms are a Security Enhancement! by Anonymous Coward · · Score: 0

      Did we forget the day and age of photocopying and facsimiles? Not all data theft is elaborate....

  21. Get them to sign a guarantee by Anonymous Coward · · Score: 1

    Say they can store it if they sign a legal document that will make them 100% liable for unlimited damages if *any* of the data is ever hacked or otherwise made available to unauthorised parties.

    Then watch them run.

    Hell no. I wouldn't even store a backup of my funny cat pictures in "the cloud".

  22. CareMonkey, Sounds Legit! by Anonymous Coward · · Score: 1

    Sure, with a company name like that, they just reek of credibility.

    as CEO of Quacks R US medical group, caremonkey sounds like an excellent partnership for our distinguished Quackers.

    We partner with the best technology and services companies, just look at all the fellow Quacks we do business with:

    Dewie, Cheethem and Howe Law Partners
    CareMonkey
    CrazyClown Airlines
    Dr. Seymore Butts Protology
    Crazy Joe's Clown College and Medical School
    Cray Z Persons psychiatry group
    Drugs R Us pharmacists
    Loan Sharks R Us financial services

  23. Payers (Insurance Companies) Do ... by Anonymous Coward · · Score: 0

    ... why shouldn't you?

    1. Re:Payers (Insurance Companies) Do ... by JohnFen · · Score: 1

      Perhaps to minimize the amount of risk? If both you and your insurance company keep your medical records in the cloud, your exposure and risk have doubled.

  24. Your medical info may already be hosted by AWS by Anonymous Coward · · Score: 0

    I work for one of the Blues, and we are already moving our users' PHI to AWS hosted services.

    There is no reason to think that you have a choice where your health information is hosted.

    1. Re:Your medical info may already be hosted by AWS by Anonymous Coward · · Score: 0

      There is no reason to think that you have a choice where your health information is hosted.

      There *is* a reason: HIPAA

    2. Re:Your medical info may already be hosted by AWS by Anonymous Coward · · Score: 0
    3. Re:Your medical info may already be hosted by AWS by Anonymous Coward · · Score: 0

      Sorry, failure to proofread. accelerate

    4. Re:Your medical info may already be hosted by AWS by Anonymous Coward · · Score: 0

      AWS is HIPPA compliant

      So they claim. You can't outsource the law. If YOUR company stores medical data, it's YOUR responsibility to be HIPAA compliant.

      "Physical Safeguards – controlling physical access to protect against inappropriate access to protected data"

      Let's see how a company is going to prove physical safeguards, if they have no fucking idea where the servers with their (or better: The PATIENTS) data is located.

      "Technical Safeguards – controlling access to computer system"

      If you don't control the hardware, you don't control the data. But, you're gonna say, "but weeza smart, gonna crypterize it, muahaha!", yeah, nice, but if I have full access to CPU & Memory, you can encrypt all you want...

    5. Re: Your medical info may already be hosted by AWS by Anonymous Coward · · Score: 0

      You write as if the simplest of measures--a contract and a cursory audit--don't satisfy HIPAA and other requirements. The law doesn't protect you from harm. It protects the healthcare industry from liability.

    6. Re:Your medical info may already be hosted by AWS by guruevi · · Score: 1

      HIPAA means nothing and does not restrict putting the data online. HIPAA doesn't even enforce or require encryption, hell, you could even put it on the linux.org FTP servers, as long as you make sure nobody downloads it, it would be fine to HIPAA.

      The way your hospital(s) handle the data, as much as they are compliant with HIPAA is atrocious from a security viewpoint.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    7. Re: Your medical info may already be hosted by AWS by Anonymous Coward · · Score: 0

      You can't really blame the GP. HIPAA is like any other law - how it is presented to the public and how it *actually* works are two completely different things. Many people mistake HIPAA for some iron-clad, heavy-handed law that makes sure their sensitive medical records are protected.

      Even with a casual skimming of the law, it's easy to make that mistake, since there are clauses about how medical workers can be held personally liable for misuse of medical information. It takes a more thorough reading to realize that's just one of the ways that liability is shifted away from hospitals and other corporations in the medical industry.

  25. Amazon is in the business of selling your data... by ffkom · · Score: 1

    ... to advertisers and whoever else is willing to pay. Storing your data on Amazon premises is like tasking a fence to store your valuables.

  26. Why does the school have it in the first place? by mschuyler · · Score: 1

    Why does the school have her medical data? They should have only the bare minimum absolutely necessary. The rest of it is none of their business.

    --
    How about a moderation of -1 pedantic.
  27. ONLY ONE solution for PRIVATE & SAFE cloud sto by garompeta · · Score: 1
    You guys should check MaidSafe's project called Safe Network. It is a decentralized, server-less, blockchain-less, autonomous, private, redundant, anonymous secure network that will make any centralized system obsolete. This is the only solution possible for storing private medical records, within this system THE PATIENT would OWN the medical history, and it could allow specific doctors access to it. But the patient would be 100% in control of the data, without any risk of leakage, failure or hacks.

    The Safe Network project is reaching its first alpha version, but it is the culmination of 10 years of research and planning.

    Skeptical? It is healthy to have some skepticism, more info here:
    Youtube: https://www.youtube.com/watch?...
    Article at Techcrunch: https://techcrunch.com/2014/07...
    Maidsafe explained for bitcoin lovers: https://safe-network-explained...
    Maidsafe presentation on Google Techtalks (June 2008): https://www.youtube.com/watch?...
    Maidsafe forums: https://forum.safenetwork.io/

  28. Answer to the question with the Question by Trachman · · Score: 3, Interesting

    Would you store your naked pictures in the cloud? Probably no.

    The same way, probably, men and women would not like to store certain types of information:

    - Abortion,
    - STD testing
    - Sterilization
    - STD's
    - Genetic Abnormalities
    - Addiction
    - Health Risk Assessment

    Every one of these items, if leaked, has serious ramifications for personal and professional life.

    The answer is No.

    1. Re:Answer to the question with the Question by Anonymous Coward · · Score: 0

      I'd let you see my medical records well before I'd let you see a picture of me naked.

    2. Re:Answer to the question with the Question by Anonymous Coward · · Score: 0

      Would you store your naked pictures in the cloud? Probably no.

      Would you reconsider if the encryption of the content was made in your system, giving you the only key? Wouldn't that be equivalent to storing the content on-site? This might work until the three letter agencies succeed lobbying for the destabilization of the equation. Free World, save us (and our businesses)!

    3. Re:Answer to the question with the Question by Anonymous Coward · · Score: 1

      The answer is you don't really have a choice. I can't fathom why the school is even seeking permission. My brother works at a hospital in IT and they are in the midst of uploading everything they've got to AWS to comply with Obamacare before fines start rolling in. A lot of what your dentist does is in the cloud as well. Ever get a personalized reminder from your dentist over SMS/email/call/postcard? Odds are pretty good your info is being stored in a third party service to do that. You don't even know cool/terrifying until you go see a presentation done by Mark Logic detailing their graph database tech that can help DEA and track down doctors who write a few too many prescriptions. This 40% of the patients of Doctor A have been referred by Doctor B. 12% of Doctor B's patients come from Doctor C. Doctor A just got nailed by drug enforcement... All thanks to the "meaningful use" of electronic medical records.

    4. Re:Answer to the question with the Question by JohnFen · · Score: 1

      And I would favor the opposite. What I look like naked is one of the least sensitive (or interesting) items in my list of sensitive information about me.

    5. Re:Answer to the question with the Question by houghi · · Score: 1

      I do not even want my details on line when I have NO diseases. Even if I were 100% healthy, I would not want that.

      Where I go to the doctor in Belgium, I need to sign a paper every two years that allows OTHER doctors in the same building to see my details. This is for when my own doctor is hit by a bus on his holiday.

      It should be stricter, not less strict. No third party should be involved in any way just so the CEO can buy a bigger boat.

      --
      Don't fight for your country, if your country does not fight for you.
  29. AWS is "HIPPA-compliant" by mi · · Score: 1, Interesting

    AWS is HIPPA-compliant, which is why the company in TFA is able to use them at all.

    Your data is no less secure at AWS, than in any Internet-connected hospital — though that in itself is not saying much.

    If you can not store it yourself, trusting a company like CareMonkey, whose entire business model is predicated on the security of customers' data, probably, makes more sense, than trusting someone, for whom it is but a side-show. Such companies may still experience a problem — nothing is safe — but they are less likely to.

    And if you worry about government, well, to the delight of Statists, our "democratically controlled" "strong government" already has access to your medical history. And will get more, when the "single-payer" system, so beloved by those same Statists, replaces the designed-to-fail and failing Obamacare.

    --
    In Soviet Washington the swamp drains you.
    1. Re:AWS is "HIPPA-compliant" by Sir+Holo · · Score: 1

      AWS is HIPPA-compliant, which is why the company in TFA is able to use them at all.

      Small correction: HIPAA, not HIPPA.

      HIPPA is HR law.
      HIPAA is medical privacy law.

    2. Re:AWS is "HIPPA-compliant" by Tony+Isaac · · Score: 1

      AWS can be HIPAA-compliant, but that doesn't mean it always is.

      In order to be compliant, it's necessary for the provider to have a business associate agreement with Amazon, and for the provider to comply with HIPAA standards in the way they transmit and store protected health information.

      That said, if the provider follows the proper protocols, there's no reason to think it's less secure on AWS than on their own servers.

  30. buzzwords and marketing by bferrell · · Score: 1

    CareMonkey seems to be a start-up. Look at MedicAlert. I think I'd trust them more.

  31. Ask Jennifer Lawrence by Anonymous Coward · · Score: 0

    No.

    1. Re:Ask Jennifer Lawrence by Anonymous Coward · · Score: 0

      Nice beav, BTW.

    2. Re:Ask Jennifer Lawrence by Anonymous Coward · · Score: 0

      Please point to visual evidence.

  32. Me? Definitely not by wonkey_monkey · · Score: 1

    Ask Slashdot: Should You Store Medical Details In The Cloud?

    Me? Definitely not. I have no idea what I'm doing, so why would anyone give me their medical details? Crazy.

    --
    systemd is Roko's Basilisk.
  33. Rule(s) of the Cloud by rholtzjr · · Score: 1
    1. Put NOTHING on that you would deem private and confidential.

    2. If in doubt see rule 1

  34. Re:Amazon is in the business of selling your data. by Anonymous Coward · · Score: 0

    [citation needed]

    Because Amazon themselves says that Companies use AWS for health care data, and this is HIPAA compliant.

  35. RHIO by rbrandis · · Score: 1
  36. Really by Anonymous Coward · · Score: 0

    ... "Paper forms are a security risk"

    Translation: Nobody ask the obvious question; what other forms are a security risk?

  37. No. by Sir+Holo · · Score: 1

    No.

    This is entirely obvious to anyone not trying to sell "cloud services."

  38. Questionable Controls by gotpaint32 · · Score: 4, Interesting

    The majority of controls they note on their website [https://www.caremonkey.com/security-2/] are standard AWS controls that anyone with an EC2 instance can claim for themselves. Likewise their 3PAO attestations all appear to have been inherited from AWS. Perhaps they did their own PCI compliance audit but I doubt it based on the write-up presented.

    I also find the lack of details on their application security practices a bit disconcerting. Why do they specifically call out encrypting password data but say nothing of encrypting user content? They even note that they encrypt the data on the mobile app but are interestingly silent about this on their web database; why is that? Also I find it curious they don't note anything about utilizing AWS's dedicated hosts and storage options, which is one of the major requirements by Amazon for meeting HIPAA compliance. I know this is one of the many rules, because we had to sign contracts for our systems agreeing to this stipulation.

    Another question is: is CareMonkey even legally bound by HIPAA regulations? Do they have legally binding agreements with any covered entity or hybrid entities that subject them to HIPAA regs? It is one thing to say you are HIPAA compliant but if the rules don't apply to you then that really doesn't mean much does it...

    --
    Nuclear war would really set back cable. - Ted Turner
  39. Randomise, Falsify, Encrypt and Decode. Then Soak by retroworks · · Score: 1

    Wherever the data is stored, in the cloud or at a terminal accessed by employees or printed on paper en route to a shredder, it's potentially exposed. The important thing is how it is stored. There should be a program to "camouflage" the data, give false positives or false negatives to everyone for everything, and create a million fake names to boot. The computer accessing could have a program filter key to remove the fake information. Maybe someone can think of something even more effective. What they should also be doing is selling fake and bad data anyplace data is being traded. Nature evolves camouflage, not invisibility, and that's probably good enough for my medical data.

    Banning computing methods to hospitals just raises the cost of health care. Hospitals have already been sold a bill of goods on destruction of hard disks and paper shredding, or at least I've never seen evidence that the risk of data leakage from old hard drives and paper is anywhere close to the billions of dollars being spent on "certified" destruction. The point being, whenever there is a scintilla of a risk, there is a potential billion dollar industry to be created out of rigmarole. I'm not saying HIPAA isn't without value, but hospitals could save billions by hosing the paper records (soaking them to clunky clods) rather than shredding them, or by dropping the hard drives from 4 feet in the air. You don't have to ensure the data is safe from the Soviet spy who would access the POTUS computer, you have to ensure that the cost and time of accessing it is not economical. Thieves are rather more attuned to cost benefit than spies are, which is why spies are only after a fraction of a percentage of user data.

    --
    Gently reply
  40. And the answer is.... by JustAnotherOldGuy · · Score: 1

    "Should You Store Medical Details In The Cloud?"

    The answer is "No".

    --
    Just cruising through this digital world at 33 1/3 rpm...
  41. Why is the school storing any medical data? by clovis · · Score: 1

    Where they store the medical data is a secondary consideration.
    What they are storing would be a major concern, and also for how long they are storing it.
    Also, I'd want to know whether the records will be destroyed after graduation.

    I assume that it's not a college or university.
    I would ask why the school is storing any medical data on the student. I also assume that the child would be getting their medical care from a hospital or clinic and not the school. The school cannot be doing anything more than the most trivial medical care, so there's no need for school records of that.

    I can imagine needing for some students to have some record of life-threatening allergies, vaccinations, or special needs such as diabetes.
    And I'm not sure that data even needs to be in a medical record format.
    Also, such data does not need to be accessed anywhere off-campus, and it has no need to exist after graduation.
    For example, consider dietary restrictions. Is the school cook going to access the student's medical records to get that information? I don't think that would be a good idea.

    If you have a child with problems that the school must know about for safety reasons, then you'll want to participate in whatever program they have. It may suck, but this is a case of small danger (loss of privacy) vs large danger (loss of health/life).

    But if you have a healthy kid, here is what I would worry about if they're keeping medical records on the kids. It's mental health statements.
    I'd worry whether school "medical" personnel are making diagnoses of mental problems and putting them in the school's medical record. For one thing, it's likely to be a poorly done diagnosis, and the other is that it is something that could turn up later to haunt her if the records are later shared with some other institution.
    I suspect that HR people would be more likely to overlook a missing arm before overlooking a school psychologist's suspicion of manic-depressive behavior or schizophrenia.

  42. How do you know it isn't already. by jellomizer · · Score: 1

    Population health is the current big thing, where your health info is being sent to many institutions and shared. Most hospitals do not have the resources for such an undertaking so they may fall to vendors who may use the cloud for their services. As far as the hospital is concerned, if there is a breach, the fault will go to the vendor who will pay the fines.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  43. Re:HIPAA is gay by Anonymous Coward · · Score: 0

    It was enacted by politicians who got into a hissy fit because they did not want the public to be finding out about the inordinate amount of objects they were inserting into their butt holes. It has had the unintended consequence of protecting the health care industry from the public scrutiny of their multitudinous failings. I for one do not give a fuck who knows that I have an impacted bowel, or an inguinal hernia, or that I like to stick frogs up my anal sphincter. Post my records I don't care. Don't be embarrassed. Let the public know you. Let's not add a whole new level of complexity and gayness to an already fucked up system.

    HIPAA protects the hospital and insurance companies, not the public.

    This is exactly right about medical records privacy and HIPAA
    It wasn't butt games, though.
    I remember back in the 1970's when it started. Everyone running for office tried to get the medical records of their opponents and it became a common attack. If Bob ever took valium, then he was obviously mentally unstable. If he ever got a treadmill test, then at any moment he could die right when the communists attacked. And with the medical record, you had proof.
    Very soon, a need to protect everyone's medical records' privacy was discovered.

    And you're a liar. I know for a fact that AC pushes rodents up the butt. It's never been a frog.

  44. It's already in the cloud by Tony+Isaac · · Score: 1

    Your doctors likely already use cloud services to store your medical data. They transmit it via the Internet to other medical providers and to insurance companies, who in turn store much of their data in the cloud.

    The cloud is neither here nor there, when it comes to security. There are secure cloud providers, and insecure ones. Doctors who do not store their data in the cloud, likely store it on their own servers, which are probably much LESS secure than AWS.

    You can't really win. Your data is out there, whether you like it or not. The questions you need to ask yourself are:
    - How critical is security to me?
    - What will really happen if someone sees this information in an unauthorized manner?
    - Do I trust my providers to keep my data private?

    There are no right or wrong answers, nor is there a such thing as 100% secure. If somebody REALLY wants your data, they will get it.

    1. Re:It's already in the cloud by JohnFen · · Score: 1

      If, as you say, privacy is already dead then there's no point to your questions. I, however, think there's still hope. Here are my answers:

      Security is extremely critical. I would forgo most medical care to maintain it, if necessary. What would happen to me if my medical data is revealed entirely depends on who it's revealed to. I do not trust any of my providers to keep my data private, but the level of my mistrust varies according to which specific provider we're talking about. Certainly, once a hospital or insurance company is involved, there can be no trust whatsoever.

  45. Maybe someday by Anonymous Coward · · Score: 0

    I think someday the cloud can be secure, but right now I don't see how anyone would say paper records are less secure. They are harder and slower to access, but if you want to steal them you need to break into an office and haul away sizable amounts of paper. I remember the records section of my doctor back in the 90's, it was two 12 foot rows of records floor to ceiling. If you want to steal 100,000,000 records from the cloud you just need a bit of time and no physical access.

  46. Just decline by Anonymous Coward · · Score: 0

    what specific reason would you give for refusing?

    "I would prefer not to do so."

    They need your permission to do something like this. Do not give it. Simple. If they do so, hire a lawyer.

    Just like they need permission to take identifiable photos of your kid and use them in any sort of publication. If you do not wish a school (or other organization) to benefit from the image of your child, do not give the permission. If they do it anyway, hire a lawyer.

  47. then they can hook into the PCPs E-Record system by laurencetux · · Score: 1

    heck if CareMonkey had any smart chimps they would hook into the Major Providers to get hot copies of the data (after getting the perms from the guardians).

  48. a bit of an Epic question by laurencetux · · Score: 1

    why doesn't CareMonkey do linkups with Epic here in the US??

    US /.ers raise your hand if your local medical system uses something called MyChart for E-Records??

  49. Re:Randomise, Falsify, Encrypt and Decode. Then So by DesertNomad · · Score: 1

    ... but hospitals could save billions by hosing the paper records (soaking them to clunky clods) rather than shredding them...

    This idea I like! A giant kettle down in the basement, where all the old records go. Simmer, press into small bricks, and let air-dry. Turn them into building materials!

  50. Depends... by SleepyHappyDoc · · Score: 1

    on whether or not you want your daughter to be allowed to attend school. Sure it might be optional now, but once a majority of uninformed parents get on board, they'll surely make it mandatory.

    --
    Stasis is death. Embrace change.
  51. Yet another stupid 'Ask Slashdot' question by Anonymous Coward · · Score: 0

    Why would you store anything on the cloud that is personal and or important? I have a great ask slashdot question....

    Should I leave cash sitting in my front yard?

  52. Re: Why does the school have it in the first place by Anonymous Coward · · Score: 0

    Assuming they have some form of on site care, whether it's a nurse, a psychiatrist, or some other professional, they're a provider. Seeking permission limits their liability. It may also be required to provide care for the child in an emergency, provide adequate facilities and food services, adjust lesson plans, etc.

  53. The Cowboy Neil Cloud by Anonymous Coward · · Score: 0

    I store all my medical records within Slashdot comments and trust that Cowboy Neil will keep them safe from snooping.

  54. HIPAA Fraud by mbeckman · · Score: 1

    The controlling regulatory authority for medical records in the U.S. is HIPAA. Amazon's AWS can be made HIPAA-compliant, but only by the cloud-based medical provider, not Amazon itself. Achieving HIPAA compliance in AWS is quite complex -- and costly -- requiring a separate virtual instance for every covered entity (e.g., insurance company or medical provider) and a slew of other sophisticated security measures.

    I'm a HIPAA IT security auditor, and have been amazed at how many cloud-based medical startups claim HIPAA compliance just because they use AWS. These companies are either too incompetent to understand that they have the burden for compliance, not AWS, or they are consciously lying to the public. Unfortunately, there are few enforcement mechanisms for HIPAA fraudsters because, ironically, they don't actually have a legal requirement to be compliant. That's up to the covered entity.

    So ask any cloud medical provider to give you documented proof that they have actually implemented all HIPAA security measures. I ask for screen shots of the AWS provisioning pages. And don't let them claim confidentiality.

  55. Claiming the "cloud" is more secure than paper? by Attila+Dimedici · · Score: 1

    Any company which claims that a paper medical record is less secure than a medical record stored on the cloud clearly does not understand security (or is willing to lie about it) and none of their claims about keeping your information secure is to be trusted. Any method of gaining access to the contents of paper medical records other than having to go to the office where they are stored and physically handle them can be used to gain access to electronic forms of those same records (including electronic records on the cloud). In addition, there are many ways of gaining access to electronic records stored on the cloud which will not work for paper records.

    --
    The truth is that all men having power ought to be mistrusted. James Madison
    1. Re:Claiming the "cloud" is more secure than paper? by Anonymous Coward · · Score: 0

      Hospital IT employee here from the pre-electronic medical record days to present MR technology.
      I mostly agree with you regarding the relative security of paper records from remote attacks and also across the board dumping all the MR attacks.
      There is no way to grab a hospital's entire MR if they're on paper. For one thing, the older records aren't even on-site, but rather are in a warehouse.

      As for security on a local basis ...
      The biggest threat for a targeted person's patient privacy is from the employees of the hospital.

      Electronic records have access logs except for the home-grown stuff. In a modern hospital every access to every medical record is logged, and sensitive records (politicians, celebrities, etc) will send an immediate alert to IT security, risk management and whoever else needs to know. And trust me, it has happened, and we respond instantly.

      With paper records, you do not know if anyone has ever accessed a record and certainly have no way of knowing who it was. Borrowing one isn't that hard.

      However, in a hospital setting, the value that electronic records brings to medical care is far beyond the value of the security that paper records have.
      Consider the extreme case of an organ transplant patient. They might have 10 different doctors simultaneously trying to solve an emergency condition, and these doctors are often in different physical locations. It's not unusual for these people to have an MR of over a thousand pages. You can't copy and fax that to 10 different people in any reasonable amount of time, and you especially cannot manage keeping paper copies synchronized and up to date.

      Emergency room patients with serious injuries have a similar problem - doctors and laboratories in different places working simultaneously on multiple problems for that person. How do they simultaneously update a paper record? They cannot.

      On a different note, the worst thing about paper records is that if they are lost (and it happened too often), they are gone forever.

    2. Re:Claiming the "cloud" is more secure than paper? by Anonymous Coward · · Score: 0

      Ideally each patient would care for and have the only copy of their records. If they lose them, that's their problem.

  56. Re: Amazon is in the business of selling your data by mbeckman · · Score: 4, Informative

    Some companies use AWS in a HIPAA-compliant fashion, but many more don't. Achieving HIPAA compliance in AWS is quite complex -- and expensive -- requiring a separate virtual instance for every covered entity (e.g., insurance company or medical provider) and a slew of other sophisticated security measures. And it's not Amazon's responsibility to police companies claiming compliance. Amazon just provides APIs and services that can be built into a software company's infrastructure. But nobody is checking to make sure they do.

  57. SHA3 is not an encryption algorithm by hawguy · · Score: 1

    From the caremonkey security page:

    All data in the CareMonkey mobile apps for smartphones or tablets is stored in an encrypted format using SHA3 (512bit). An essential requirement is that if a device is lost/stolen or someone gains access to the data files on the device that they are not be able to access any personal data.

    SHA3 is not an encryption algorithm, it's a hash function (it's right there in the name, SHA = Secure Hash Algorithm).

  58. "The cloud" is not the problem by Anonymous Coward · · Score: 0

    Using AWS isn't what scares me. Having medical data in AWS is already happening - you probably have medical data stored in AWS and don't even know it. AWS is HIPAA-compliant - and that can be expensive. They're doing it because there's huge demand for HIPAA-compliant cloud services.

    Anyway, do you know how schools used to store their emergency medical information? Locked drawers. Filing cabinets. They probably take the information with them on camps, where it probably just goes in the teacher's bag.

    CareMonkey is the problem. Their security information is a nightmare.
    > Rootkit Checker – checks the rootkit of the server for any malicious software or service.
    "Checks the rootkit of the server"? What?
    > All data in the CareMonkey mobile apps for smartphones or tablets is stored in an encrypted format using SHA3 (512bit).
    That doesn't even make sense! You can't store data using SHA3 - it's a non-reversible hash.
    > Our third party security assessments cover all areas of our platform including testing for OWASP Top 10 web application vulnerabilities.
    The first OWASP check I made on their sign-in page - uses correct HTTPS headers - shows they're missing 3 recommended headers. OWASP recommends use of HSTS, which doesn't show up in their headers. It recommends use of HPKP, which again, doesn't seem to be used. It recommends use of a CSP (not used). Don't worry, I did nothing dodgy by doing this check - all you have to do is load their login page and take a look at the response.

    I've been asked to write the security portion of more than a few web-sites. I was usually asked because I was the most-knowledgeable person in the company on those topics.

    If CareMonkey's most knowledgeable security expert thinks SHA3 is something you use for storing encrypted data, and wrote that sentence about rootkits, the company has no business storing private medical information.
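    The passive check the comment above describes, loading a login page and reading its response headers, can be scripted. This is an added example, not the commenter's script and not anything from CareMonkey: it takes a dictionary of response headers (a constructed sample is embedded, with a `fetch_headers` helper for a real page) and reports which of the three OWASP-recommended headers named above are missing or weakly set. Note that HPKP has since been deprecated by browsers, so that finding is informational.

```python
import urllib.request
from typing import Dict, List

# Constructed sample login-page response headers; not CareMonkey's real response.
SAMPLE_HEADERS: Dict[str, str] = {
    "Content-Type": "text/html; charset=utf-8",
    "Set-Cookie": "session=abc123; Path=/",
    "X-Frame-Options": "SAMEORIGIN",
}


def _hsts_ok(value: str) -> bool:
    """HSTS only helps with a substantial max-age; OWASP suggests a year or more."""
    for part in value.lower().split(";"):
        part = part.strip()
        if part.startswith("max-age="):
            try:
                return int(part[len("max-age="):]) >= 31536000
            except ValueError:
                return False
    return False


def _csp_ok(value: str) -> bool:
    """A CSP needs a default-src that is not a wildcard, or it restricts nothing."""
    directives = [d.strip() for d in value.split(";") if d.strip()]
    default = [d for d in directives if d.startswith("default-src")]
    return bool(default) and "*" not in default[0].split()[1:]


def check_security_headers(headers: Dict[str, str]) -> List[str]:
    """Return findings for each recommended header that is missing or weak."""
    lower = {k.lower(): v for k, v in headers.items()}
    checks = {
        "Strict-Transport-Security": _hsts_ok,
        "Content-Security-Policy": _csp_ok,
        # HPKP: recommended at the time of the thread, since dropped by browsers.
        "Public-Key-Pins": lambda v: "pin-sha256=" in v and "max-age=" in v,
    }
    findings = []
    for name, ok in checks.items():
        value = lower.get(name.lower())
        if value is None:
            findings.append(f"{name}: missing")
        elif not ok(value):
            findings.append(f"{name}: present but weak ({value})")
    return findings


def fetch_headers(url: str) -> Dict[str, str]:
    """Plain GET of a page you are entitled to load; only the headers are read."""
    with urllib.request.urlopen(url, timeout=10) as resp:
        return dict(resp.headers.items())
```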

  59. NO by Morpeth · · Score: 1

    That is all.

    Or if you need more details, no, no.. fuck no, no fucking way, NO GODDAMNIT -- NO !!!!

    --

    'The unexamined life is not worth living' - Socrates
  60. Covered entity? by Anonymous Coward · · Score: 0

    This feels wrong in so many ways, but not in the obvious ones. AWS can support security that is much better than most doctors practices.

    First, why the f*** does the school want "full medical records"? Remember, governmental entities (like schools) are exempt from HIPAA, so no liability if something bad happens. Allergies, meds, vaccinations and contact information should be all they need.

    Second, while this site says they abide by HIPAA, in fact consumer web sites (unlike healthcare providers) are not actually governed by HIPAA, they are governed by the FTC. So this is like GM saying that their cars comply with all relevant FAA regulations. True, true, and unrelated, as they say. Any organization actually governed by HIPAA is called a "covered entity". Is this site a covered entity? I doubt it.

    It is correct that AWS can be HIPAA compliant through a BAA (business associates agreement) that states that HIPAA liability covers the subcontractor. However, AWS typically does not sign these themselves, they sign them through third parties that assume the liability. My organization has BAAs in place with both AWS and Azure. We are still deciding what information we actually feel comfortable storing there.

    The only reason I could imagine this making sense is if the student is traveling abroad and there is a likelihood that she might need emergent care in a foreign country; this might provide a way to get the records to the doctor during a disaster. Let's face it: during a disaster, the last thing you care about for your medical records is privacy.

  61. Well, you can still botch paper record security by davidwr · · Score: 1

    If you leave your paper records lying around in view of your internet-connected-and-still-using-the-default-password security cameras ....

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  62. No by Anonymous Coward · · Score: 0

    There are many risks in storing your data in public clouds. Mainly the fact that governments can gain access any time they want, also the fact that they can refuse access to the data at any time.

    The best solution would be distributed system where customer can have choice where data are stored (cloud, local, or copy on both), who can have access to the data, and everything is encrypted by the customer keys.

  63. There is no "cloud" by Chas · · Score: 1

    There is only "other peoples' servers".
    This is true of both physical and virtual machines.

    --
    Chas - The one, the only.
    THANK GOD!!!
  64. hell no. by Anonymous Coward · · Score: 0

    next question, please.

  65. There is no cloud by emaname · · Score: 1

    To quote the Free Software Foundation Europe...

    "There is no cloud...

    ...just other people's computers."

    --
    An effective "democracy" creates the illusion the people have a say in their government.
  66. Would you Trust Any Guarantee? by Roger+W+Moore · · Score: 1

    What HIPAA guarantees does CareMonkey make?

    Would you trust any security guarantee from a company who thinks that putting documents in the cloud is less of a security risk than a paper document? These guys are clearly idiots who have no idea of the type of security problems they are going to be dealing with.

  67. Seriously? by Anonymous Coward · · Score: 0

    The name of the company is "CareMonkey". Somehow that just doesn't shout "security" to me.

  68. Computer Security 101 by Anonymous Coward · · Score: 0

    If you do not have physical control of the hardware, you have no security and the data is not yours anymore.

    EVERYTHING else is moot if you do not have control of the hardware and who has access to it.

    Why do people people who are automatically suspicious of Donald Trump or Hillary Clinton (pick either one), disbelieving everything he/she says, who would presuming him/her to be a would-be Hitler, NEVER trust him/her, and who automatically assumes the worst motives of him/her, suddenly get all gullible when a company that makes billions of dollars snooping on people offers to store all of somebody's data for them at bargain prices and is eager to store health data, banking data, business data, etc?

    Computer companies seem to occupy the same space in the minds of some people as puppies. Their bad behaviors are easily dismissed. The best intentions are assumed. When they "do their business" on the rug, they are rapidly forgiven. Cute puppies can grow up to be dogs with bad tempers and dangerous bites... and long before they are worth a billion dollars...

    1. Re:Computer Security 101 by Z00L00K · · Score: 1

      The quote "To err is human, to really screw up things you need a computer" comes to mind.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  69. Per their site by l0n3s0m3phr34k · · Score: 1

    They're using something called MyVCM "to ensure we operate a robust information security and privacy program", whatever that actually means. I found this, which at least mentions "HIPAA, NIST, FedRAMP, COBIT, COPPA, ISO/IEC, and PCI DSS". Not sure just what particular NIST they're referring to, but any company that actually pays attention to the 800 series and doesn't just go by the scant HIPAA security "regulations" is at least looking in the right direction. All of this is straight off the HIPAA Security ruling. Caremonkey won some award. They're based out of Australia.

    I wouldn't use them. Because CodeMonkey comes from Australia, and, as everyone knows, Australia is entirely peopled with criminals. So you can clearly not choose the cloud-based provider in front of you.

  70. Re:ONLY ONE solution for PRIVATE & SAFE cloud by Anonymous Coward · · Score: 0

    yet another crypto currency scam system reliant on the value of the currency to ensure system stability

  71. Re:Randomise, Falsify, Encrypt and Decode. Then So by retroworks · · Score: 1

    In the 1990s, there was a hydropulper (paper mill tech) in the basement of the Pentagon. Unfortunately they didn't have the rollers etc to produce recycled content paper out of it, but were halfway there.

    --
    Gently reply
  72. Bring your own key.., by Anonymous Coward · · Score: 0

    So, generally speaking, nothing you put in the cloud is safe from being read or modified by anyone else. Risks range from privileged support engineers stealing disks, snooping the physical wires and examining running memory, to tenants in shared infra escaping their containers and skipping merrily through the undercloud. Then you have the usual man-in-the-cloud data duplication to third party sites via insecure APIs... Blah, blah, blah...

    The basic problem is you just don't know what's happening.

    Keeping private data in the cloud requires special thought. You never want to pass unencrypted data to the cloud compute or storage area. Always encrypt it first. You never want to keep the encryption keys in the same cloud as the data. Actually, you want your keys to be held in a different legal jurisdiction to you and your data, accessible via contractual rules and third party oversight.

    If a government or thieves want your data, make them jump through Hoops in multiple jurisdiction world wide.

    Ah, forget it. Who cares?

  73. Here ya go by Anonymous Coward · · Score: 0

    Sure. 33m. Excellent labs. Healthy in every way. Has a hemorrhoid. There. Medical data in the cloud.

  74. Re:ONLY ONE solution for PRIVATE & SAFE cloud by nbauman · · Score: 1

    What happens when the patient shows up unconscious in the emergency room?

  75. No. by JohnFen · · Score: 1

    At least not without encrypting all the data before it gets transmitted to the cloud. The cloud is unsuitable for the storage or processing of any remotely sensitive data.

  76. Not all courses are the same. by Anonymous Coward · · Score: 0

    Not being from the USA, I am not keen on any personal or medical information being accessible to US spooks or big business (look to be the same thing anyway).

    For my own daily stuff, most of the clouds I use are controlled by US companies. For hyper confidential stuff, including children, paper beats USA control, sorry.

    1. Re: Not all courses are the same. by Anonymous Coward · · Score: 0

      I said clouds! Stupid autocorrect...

  77. If you have to ask... by martinfb · · Score: 1

    If you have to ask, then you might want to find a new career.
    Anyone knows that anything on the web is ultimately vulnerable and very likely accessed by someone unintended. Why even chance it?

    On further thought, why am I even wasting time replying?! (That's rhetorical, if you haven't figured that out yet.)

    Perhaps the P/C answer is: It depends on your capacity for risk of being exposed.

    --
    Self-importance and self-indulgence is the root of ALL evil.
  78. "Paper forms are a security risk" by whitroth · · Score: 1

    Anybody who said that, esp. when they're offering a cloud solution, should be instantly classified in the same category as that Nigerian prince who wants to make you rich helping him.

    So, provider, tell me: how much more likely is it that the paper forms or their copies could be stolen - that's how many hundreds or thousands of pounds of paper - or that somebody or some group cracks the cloud security and d/l *all* of them? 100k times more likely the latter? A million times more likely?

    Bull. Nothing wrong with computerized records... and local records d/l with security from the central repository, and that should *NOT* be a cloud. And SPEND THE DAMN MONEY AND HIRE A REAL SECURITY PROFESSIONAL TO LOCK IT ALL UP.

    Alternatively, how big is your budget when it gets cracked, and all the parents file a class-action lawsuit for $100M US...?

                        mark

  79. Yes! by Anonymous Coward · · Score: 0

    Because the FBI, the CIA, the NSA, the DEA, the DOD, and even the agency so secret that it Cannot Be Named (CBN), want, nay, need access!

    Because, you know, terrorism. Or crime. Or Keeping Up With The Kardashians. Look, are you a Commie Pinko, this is national security we're talking about! You cannot be against a policy of a Three Letter Agency and for your country, everyone knows that!

  80. Safer?!? by sjames · · Score: 1

    Ask yourself this: When is the last time you read about identity thieves stealing PAPER records of 50,000 people?

  81. Re:Yes, but encrypt it locally first by Anonymous Coward · · Score: 0

    There are many products that offer cloud encryption that are suitable for medical records. Truecrypt's successor VeraCrypt works well for single files and Syncdocs encrypts files on Google Drive. Just don't forget the password!

  82. Re:Amazon is in the business of selling your data. by Anonymous Coward · · Score: 0

    ... to advertisers and whoever else is willing to pay. Storing your data on Amazon premises is like tasking a fence to store your valuables.

    Wrong.

    Amazon is one of the few companies left that does Not sell you out.
    From their Privacy Policy here; https://www.amazon.com/gp/help/customer/display.html/?ie=UTF8&nodeId=468496#GUID-A2C397AB-68FE-4592-B4A2-7550D73EEFD2__SECTION_3DF674DAB5B7439FB2A9B4465BC3E0AC

    It says " Does Amazon.com Share the Information It Receives?

    Information about our customers is an important part of our business, and we are not in the business of selling it to others."

    So, I'd say your stuff is safe with Amazon... until Comcast buys them.

  83. What's the alternative by zmooc · · Score: 1

    If given the choice between my medical data being on a server in a hospital or whatever managed by a grumpy sysadmin who also needs to take care of people's desktops, or stored on a server that happens not to be in a hospital, managed by people that do only that, I'd go for the cloud hands down.

    However, one should be picky about the country and jurisdiction of your cloud. I suggest not to store your medical data on a US server (or a US company server) if you're not in the US.

    Fear of the cloud is a bit like fear of flying. "OMG I'M NOT IN CONTROL", totally ignoring reality.

    --
    0x or or snor perron?!