Blog Post

Top ten opt out list — This is a list of what top things to opt out of, and how to opt out. Millions of people have heard about the Do Not Call list, an opt out list that gets people off of telemarketing lists. But many fewer people have heard about the other opt outs that are available, like those that can take people out of data broker lists or opt outs that can stop schools from giving out directory information like email and home addresses. Opting out can range from the not-too-difficult (the Do Not Call list is a fairly simple opt out) to the challenging. This list is meant to simplify the information about which opt out does what, to help decide if a particular opt out is the right choice, and how to go about opting out.

This is a request for records that have originated within the GAO. We are making this request pursuant to GAO’s Public Availability of General Accounting Office Records regulations at 4 CFR Part 81.

Security freeze | identity theft | financial privacy — A credit freeze (sometimes called a security freeze) lets you stop the disclosure of your credit report by a credit bureau. A credit freeze can be especially helpful to individuals who are having persistent problems with identity theft. If you live in a state with a security freeze law, then you may be able to place a security freeze on your files. This World Privacy Forum resource gives general background on security freezes, lists the states with security freeze laws, and links to more information for each state.

FDA privacy standards – RiskMAPs – World Privacy Forum executive director Pam Dixon testified at an FDA/AHRQ joint public workshop about the need for the FDA to set robust privacy standards for drug risk minimization programs, which are put in place for drugs the FDA has determined to be high risk in some way. Drug risk minimization programs (like the iPledge program for the acne drug Accutane) are not typically covered by HIPAA, and some programs have a privacy policy that allows marketing use of patient information collected as part of the risk program. This kind of marketing activity would not be allowable if the programs fell under HIPAA, and Dixon’s testimony stated that patients in these programs should have the same kinds of privacy protections as HIPAA covered programs, and that marketing activities involving patient information should not be allowable in these programs.

Genetic privacy — Executive director Pam Dixon presented key issues and potential solutions regarding privacy and Genome Wide Association Studies at the Institute of Medicine’s Board on Health Sciences Policy meeting. Her presentation included recommendations to engage in a comprehensive study of certificates of confidentiality, to encourage standards of identifiability, to encourage study of what more uniform standards of privacy and security for researchers might look like, and a recommendation to work toward broad solutions that extend beyond GWAS activities.