Saturday, August 29, 2015
It's an interesting but not impossible problem. Access to records you did not create should require some authorization, such as a simple referral (top down) or a request and approval (bottom up). Authorized access to a patient database should not grant automatic access to every patient.
In November 2013, I blogged about the case of a privacy breach at Northern Inyo Hospital that was so devastating to the patient that she was going to move away. The breach was a willful insider breach that impacted a custody dispute.
That same year, and unbeknownst to most people, there was a lawsuit filed over another insider breach that similarly devastated the patient involved. This one involved the Ronald Reagan UCLA Medical Center and an employee of OB/GYN Dr. John Edwards accessing the system’s database and then disseminating sensitive information about an employee-patient, Norma Lozano. Dr. Edwards is affiliated with UCLA, but Ms Lozano was not his patient and there was no reason for anyone in his office to access her records. According to media reports, an unnamed temporary employee of Dr. Edwards, allegedly accessed Lozano’s medical records in September 2012, made copies with her cell phone and sent them to Lozano’s former boyfriend — the father of Lozano’s then unborn child — and another person.
Lozano sued UCLA, and her case made it to court this past week. You can read a recap of the case on Patch, MyNewsLA.
It is not clear to me whether this incident was ever reported to the California Department of Public Health and of so, what action the CDPH took in response. What is disturbing is that in its defense, UCLA claims the responsibility lies with Dr. Edwards for providing his password to his temporary employee.
But does it? While I agree that Dr. Edwards had an obligation to train his employees and establish access controls and monitor his employees’ conduct, shouldn’t the hospital, recognizing the risk of snooping and inappropriate access, have done more to prevent such situations? Should only celebrities have higher levels of data protection? I don’t think so.
It is not clear to me why Dr. Edwards was dropped from the case as a defendant, and why the unnamed employee was not also sued, but I hope everyone takes note that a major hospital system seems to be saying that it’s not their responsibility to protect you from improper access to your records from employees of its affiliated doctors.
Think about whether that is a satisfactory situation.
Drones for everyone but us second class citizens?
Weaponized Drones May Fly the Friendly Skies of North Dakota
"It's a terrible idea to arm drones, even with so-called nonlethal weapons, which really should be called 'less lethal' weapons," said Jay Stanley, a senior policy analyst at ACLU, who noted that Taser shocks "kill roughly one person a week." Arming drones "would make it too easy to use force -- and when things get too easy, they tend to get overused."
… The new law gives police the authority in a roundabout way: Section 5 states a law enforcement agency may not authorize the use of an unmanned aerial vehicle armed with lethal weapons.
(Related) Stop worrying about drones, there's an App for that! (And everyone always follows the rules)
FAA Starts Beta Testing App That Tells Drone Pilots Where They Are Allowed To Fly
Earlier this year, the Federal Aviation Administration (FAA) announced that it would soon start beta testing an app that would help drone flyers understand where they can and — more importantly — can’t fly. Today, the FAA announced a few more details about the app and launched the first beta version of the aptly named B4UFLY app for iOS.
Sadly, though, this is still a private beta test that will likely run for two months. For now, the app will be iOS-only, with an Android version to follow at an unspecified date.
It looks like the private beta is currently oversubscribed, but you can still get on the waiting list by emailing email@example.com to request an invite.
(Related) But in case that doesn't work... I don't suppose I can buy one of these? Will we see them at every airport, forest fire, prison and nudist colony in America?
Boeing’s Portable, Tripod-Mounted Compact Laser Weapons System Can Roast Drones In Mere Seconds
… Over the past few years, it's become clear that many people don't understand proper etiquette when it comes to flying their drones.
if you can spot a drone with a pair of binoculars, its system will have no problem striking the target – with a deviation of up to 2 inches depending on the movement speed of the drone.But, with Boeing's laser system on-hand, any threat will be dramatically reduced. While max range isn't given, Boeing says that
Boeing touts this system as being very low cost, especially with regards to maintenance. The main moving part is what rotates the unit before it fires; there's no traditional ammunition used here, so there's only electricity to worry about. If the fact of what this is capable of isn't cool enough, note the fact that a human operator first lines up the the target with an Xbox 360 controller. Afterwards, the laser system takes over and fires the fatal shot.
A backgrounder for my IT Governance students.
4 Tips for Successful BYOA Governance
The "app culture" era is upon us, transforming the way we work, play, learn and live. At work, employees increasingly use their own third-party productivity applications to improve productivity and access cloud-stored data in a trend called bring-your-own-app (BYOA). A boon for worker productivity, the trend is a governance nightmare for IT leaders.
Fortunately, there are concrete ways that organizations can work better with employees to provide them with the flexibility to use their own applications while protecting the firm against security risks.
Who'd a thunk it?
Generation LOL Irked By Grammar Slip-Ups
New York — It’s the LOL generation that appears most annoyed by bad grammar and spelling slips, according to a survey by Dictionary.com.
The site found in an online Harris Poll done July 31 to Aug. 4 that 80 percent of American adults 18 and older consider themselves good spellers, but they may be overestimating their abilities.
The survey of 2,052 people showed 71 percent responded that they often find spelling mistakes in correspondence from others.
Among respondents 18 to 34, 74 percent said they were irked by such slips on social media — more than any other age group.
… Across all age groups, 59 percent said improper grammar is their biggest beef when it comes to the English language.
Women notice grammar and spelling mistakes more than men, with 75 percent saying they often find errors in the writing of others. That’s compared to 66 percent of men who spot errors, according to the survey.
Just in case this is correct, my niece and nephew are getting calligraphy sets for Christmas.
How The Ballpoint Pen Killed Cursive
… Given the amount of time I spend on computers, it would be easy for an opinionated observer to count my handwriting as another victim of computer technology. But I knew script, I used it throughout high school, and I shifted away from it during the time when I was writing most.
My experience with fountain pens suggests a new answer. Perhaps it’s not digital technology that hindered my handwriting, but the technology that I was holding as I put pen to paper. Fountain pens want to connect letters. Ballpoint pens need to be convinced to write, need to be pushed into the paper rather than merely touch it.
What other industry provides this much humor each week?
Hack Education Weekly News
… Via the LA School Report: “LA Unified said today its inspector general is ‘looking into’ the possibility that nearly 100 district employees used district email addresses to contact ashleymadison.com, a website that promotes extra-marital affairs, calling itself ‘the most famous name in infidelity and married dating.’”
… “The New York City charter school that made the largest gains on state English tests also made an unprecedented decision to grade its own students’ exams,” Chalkbeat reports.
… The University of Maryland University College says it will be textbook-free by the fall of 2016.
… Via Boing Boing: “Cute Wonder Woman lunchbox banned from school for being too violent.” [Clearly we have become a nation of sheep, more concerned with political correctness that reality. Bob]
… “Buzzwords May Be Stifling Teaching Innovation at Colleges,” says The Chronicle of Higher Education’s Jeffrey Young.