tag:blogger.com,1999:blog-9959351.post3723081547849598071..comments2023-10-14T04:53:34.428-04:00Comments on Tsibouris Privacy + Technology Law Blog: Microsoft Health VaultDino Tsibourishttp://www.blogger.com/profile/16507887938640430240noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-9959351.post-25827965135384244472008-02-28T02:15:00.000-05:002008-02-28T02:15:00.000-05:00Even though health vault is being held up as the s...Even though health vault is being held up as the standard in patient privacy and has received the apparent seal of approval by one of my favorite patient privacy advocates Dr Deborah Peel, it member organizations don't appear to subscribe to this same standard. <BR/><BR/>Here for example is the privacy statement from the American Heart Association - one of their premier partners. <BR/><BR/>Go to health vault. click through the AHA to their web site and read their privacy statement. <BR/><BR/>"c) The AHA owns all Personal Information provided to it by individuals. When an individual provides Medical Information to the AHA, the AHA will ensure that the individual acknowledges their assignment of the right to use the data to the AHA." <BR/><BR/>(a) For disclosure of Demographic Information (e.g., rental or exchange of donor lists with other organizations), the AHA as a minimum will use the "Opt-Out" approach. An "opt-out" is obtained when the AHA, through some correspondence, gives an individual an opportunity to decline or "opt-out" of disclosures to third parties. If the individual does not opt out, permission is deemed granted. ....<BR/><BR/>Sounds to me like you will be getting fund raising mail from them using your person health information.Anonymousnoreply@blogger.com