Privacy Act of 1974 — In response to a proposed Department of Homeland Security rulemaking regarding a system of records, the World Privacy Forum filed comments requesting changes. The primary objections are that the proposed system of records commingles records and functions, the proposed exemption is inconsistent with the system notice, and DHS’s proposed exemption from civil remedies was not correct, among other issues. The World Privacy Forum stated in its comments that the Department of Homeland Security should demonstrate its commitment to accountability and transparency in the rulemaking.
Identity theft | medical identity theft — The World Privacy Forum filed comments with the Federal Trade Commission, the Treasury, and other federal agencies today regarding the joint draft rule on “Red Flags” for identity theft. In its comments, the World Privacy Forum requested that medical identity theft be added to several aspects and portions of the proposed rule. Adding medical identity theft to the rule is essential to help close gaps in protection for consumers and to encourage health care providers to attend to victims’ challenges and needs regarding medical identity theft.
Internet privacy — The World Privacy Forum announced today that it would be filing a complaint with the Federal Trade Commission about the posting by AOL of a portion of its users’ search data on the Internet. While the data was not expressly identified by name, the search queries themselves included in some cases personally identifiable information such as individuals’ names, Social Security Numbers, and myriad other personal information. The World Privacy Forum urges consumers to take precautions when using search engines.
Genetic privacy — The collection of DNA material from 500,000 to 1,000,000 or more individuals as part of a large U.S. medical research project raises many challenging ethical, legal, and privacy issues. An advisory committee reporting to the Office of the Secretary of Health and Human Services ( the Secretary’s Advisory Committee on Genetics, Health and Society) has published a detailed analysis of the issues such a project and its associated databases and biobanks would raise in a draft report. The committee’s final report and policy recommendations will be submitted to the Secretary of HHS. The World Privacy Forum has submitted public comments on the draft; the comments include key policy recommendations.
Medical privacy | HIPAA — Five groups joined the World Privacy Forum in asking for changes to be made to a proposed rule on how medical healthcare claims attachments are handled electronically. The World Privacy Forum and the EFF, EPIC, Privacy Rights Clearinghouse, Privacy Activism and U.S. Public Interest Research Group (U.S. PIRG) asked that physicians be given more control over what parts of health records they send electronically to insurance companies, that psychotherapy notes not be included when sending health records for insurance payment, and that the HIPAA Privacy Rule be rigorously applied to scanned health records.