The World Privacy Forum filed comments with the Equal Employment Opportunity Commission about wellness programs and related privacy impacts to individuals. Many Americans now take part in employer wellness programs, and they are increasingly and justifiably concerned about the sensitive information these programs are gathering, sometimes in return for incentives such as discounts on pricing for health insurance. These comments to the EEOC address some of the most significant challenges individuals face, including voluntariness, fairness, due process, and information sharing outside of HIPAA.
The World Privacy Forum’s recent public comments to the White House regarding Big Data focus on using a foundation of Fair Information Principles to address issues connected to bias, error, and privacy regarding big data as applied to vulnerable populations. The comments also discuss large medical research data sets, and stress the importance of applying
01/23/2012 GPS tracking | United States v. Jones — The US Supreme Court unanimously ruled that police must get a warrant before using GPS devices to track criminal suspects. This case was narrow and dealt specifically with a GPS device physically attached to a suspect’s vehicle. The concurring opinion of Justice Sotomayor points out that the subtler issues of digital era tracking were not dealt with in this case, for example, cell phone tracking, web site tracking, etc. She wrote: “More fundamentally, it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties. E.g., Smith, 442 U. S., at 742; United States v. Miller, 425 U. S. 435, 443 (1976).” She continued: “This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks.”
Health privacy — The World Privacy Forum filed comments today about how medical records and other health information is intersecting with online advertising and online activities. The WPF comments were filed with the Department of Health and Human Services in response to its request for comments on personal health records, privacy, and social media.
In our view, the Department’s proposed changes to HIPAA regarding marketing are contrary to the law. Current law requires that paid communications for any marketing should be allowed only on an opt-in basis. We oppose the Department’s proposed regulation that would allow communications paid for by third parties who are not the entities whose product or service is being described in the communication.