> (1) it's one of the best-known and beefiest privacy statutes (HIPAA)
HIPPA protects you from gossiping staff, everything else is fantasy thinking.
When my wife miscarried and was hospitalized from an ectopic pregnancy, sufficient PII was available through various channels for enfamil to send a “Welcome Baby” biz via fedex on the would-be due date.
I’m so sorry. I hear advertising stories like this more and more frequently and I wonder when the US will at least ban targeted advertising based on health data - actual and inferred. It‘s despicable.
We felt really violated by this, and I ended up buying the marketing list in question for my zip code to understand what happened better. It’s unlikely anything will change for the better. The scrubbing of identity data is pretty easy to reverse engineer by design, as the stream of data is used by pharmaceutical companies, insurance subrogation, etc to do all sorts of things. A pharmaceutical sales rep has a scorecard for your doctor — they bpm now how many scripts were written and filled. The people who gather prescription data have your prescription before your pharmacy does.
Some states have fed things like Medicaid claim data to companies to mesh against data from insurers to build models designed to target opioid abuse. By correlating events or behaviors tied to abuse to diagnoses, predictive models can be built from unprivileged data. (Remember when Target predicted someone’s pregnancy before they knew a few years ago?)
HIPPA protects you from gossiping staff, everything else is fantasy thinking.
When my wife miscarried and was hospitalized from an ectopic pregnancy, sufficient PII was available through various channels for enfamil to send a “Welcome Baby” biz via fedex on the would-be due date.