Recent privacy news from around the web …<\/p>\n
Geoffrey A. Fowler on the Washington Post <\/em>(washingtonpost.com)<\/p>\n Software that thousands of clinics and hospitals across the United States use to check people into appointment harvests the information people provide and uses it to target ads. \u00a0How can they do that? \u00a0 Phreesia<\/a>, the software company, includes a paragraph authorizing this in the consent form people sign when they’re checking in \u2013 and most people don’t bother to read it, so consent to sharing. \u00a0It’s a classic example of the way a “notice and consent” approach allows companies to expoit us as long as we don’t say no. \u00a0<\/p>\n THE DEVIL IS IN THE DETAILS:<\/strong> \u00a0ADPPA<\/a> Section 204 (A) (page 33) \u00a0requires “affirmative express consent” to transfer sensitive data. \u00a0Does Phreesia’s consent form language \u00a0meet the requirements for “affirmative express consent” in Section 2 (1) (page 2)?<\/p>\n \u201cI hereby authorize my health care provider to release to Phreesia\u2019s check-in system my health information entered during the automated check-in process \u2026 to help determine the health-related materials I will receive as part of my use of Phreesia. The health-related materials may include information and advertisements related to treatments and therapies specific to my health status.\u201d <\/p><\/blockquote>\n Todd Feathers, Simon Fondrie-Teitler, Angie Waller, and Surya Mattu on The Markup<\/em><\/p>\n On a TX hospital\u2019s website, we searched for \u201chome abortion\u201d providers. When we clicked the \u201cSchedule Appointment\u201d button on a doctor\u2019s page, Facebook received:<\/p>\n – Our device\u2019s IP address — Todd Feathers (@ToddFeathers) June 16, 2022<\/a><\/p><\/blockquote>\nFacebook Is Receiving Sensitive Medical Information from Hospital Websites<\/a><\/h3>\n
\n
– The doctor\u2019s name
– Our search termhttps:\/\/t.co\/fvToCMR9x5<\/a><\/p>\n