[Novalug] VA Health records held ransom

Mark Smith mark at winksmith.com
Wed May 6 22:00:43 EDT 2009 

the underlying issue is "who owns the data?"  in america you don't
own the data on someone elses computers even if it refers to you.
this permits the legal owners (e.g. the companies) to handle that
data as they see fit.  they can sell it when times are tough, or
protect it or not to protect it as they see fit.

elsewhere in the world, notably, europe and in particular germany,
and france, the people own data about themselves.

here's the difference... if a company loses their your own property,
oops.  if a company loses someone elses property, then it's a much
bigger deal.

let people own their own data and problem is solved.  company's
will no longer be able to be lax at protecting privacy b/c they
will be held seriously liable for losing it.  right now, there's
not much consequence for it.

if the axe of money is held over their necks, companies will be in
very hot financial water if they lose personal data.  they'll pay
dearly if they lose it paying all the owners for their loss.  even
paying $100 per record may means many millions of dollars _per_
incident.  want real security deployed make it worth their while.

sadly, no company will spend real money on security because it's
not in their best interest to do so.  especially not when the company
next door isn't.  that affects their bottom line.  it needs govenmental
support all at the same time to make it happen.  corporate lobbying
may make that hard though.


On Wed, May 06, 2009 at 12:36:10PM -0400, Jay Hart wrote:
> I'm sorry, Joe, but your company put my private data on a server that could be
> accessed "somehow" via the web.  Now my data gets stolen and you want to
> "monitor" my credit to protect me.
> 
> Sure, I'll go for it, 24x7 support, I have the ability to lock and unlock my
> credit as many times a year as I need to in order to conduct legitimate
> business.  You call me whenever you think something looks fishy. You don't
> store my entire SSN, just last four.  You're responsible for any breach during
> this time.  I have final say about any potential policy changes, etc.  ANY
> breach starts the year over.
> 
> Sure, I'm game, just YOUR PAYING FOR IT.
> 
> Disclamer: Joe's company didn't do this.  I'm using him as an example.
> 
> On my personal credit issues.  Since I didn't create my problem, I didn't
> think I should pay to fix it, so I didn't sign up for a plan.  If this country
> wanted to fix this type of problem (identity theft), it would be standard
> policy for the credit reporting companies to lock down your profile and have
> you open it vice having you jump through hoops to close it.  Of course credit
> card companies and businesses wouldn't make money this way, buy hey, tough.
> 
> INAL, but when my credit gets stolen again, I'm just going to sue any company
> who fraudulently sends me a bill in the mail.  It won't be my problem to prove
> to them it wasn't me, it will be up to them to prove it was me.  In other
> words, show me video prove, or forget it.  Four companies have video showing
> the criminals who got me, and I want to see it.
> 
> Jay
> 
> > LOLO this is funny to be honest.
> >
> > FYI it is cheaper to let him keep the records.
> > the company can just give them all monitoring on there credit for a year for
> > around 30-50 bucks per person(and that is only if they know to ask for it).
> > I am not sure if Jay will agree yea to the individual it sucks. but in my
> > opinion it is better to have a credit monitoring system in the end. i pay
> > 9.95 a month.
> >
> >
> >
> > On Wed, May 6, 2009 at 10:18 AM, Bonnie Dalzell <bdalzell at qis.net> wrote:
> >
> >> On Wed, 6 May 2009, Dan Arico wrote:
> >>
> >> >
> >> > There's another question that ought to be raised in view of proposals for
> >> a
> >> > national medical database. Just how secure is *it* going to be?
> >> >
> >> > Dan
> >>
> >> this is a question that I have worried about a lot. the comuter user
> >> public (as in a number of my clients and friends) has a much greater
> >> degree of trust in the reliability and security of their computers than I
> >> do. This is obvious when you repeatedly hear about people loosing all
> >> of their digital family photos when a harddrive dies, etc.
> >>
> >>
> >> >
> >> > --
> >> > One OS to rule them all, One OS to find them,
> >> > One OS to bring them all, and in the Darkness bind them,
> >> > In the land of Redmond, where the Sales Reps lie.
> >> > _______________________________________________
> >> > Novalug mailing list
> >> > Novalug at calypso.tux.org
> >> > http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
> >> >
> >>
> >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >>                        Bonnie Dalzell, MA
> >> mail:5100 Hydes Rd PO Box 60, Hydes,MD,USA 21082-0060|
> >> EMAIL:bdalzell at qis.net <EMAIL%3Abdalzell at qis.net>
> >>
> >> freelance anatomist, vertebrate paleontologist, writer, illustrator, dog
> >> breeder, computer nerd & iconoclast... Borzoi info at www.borzois.com.
> >> Editor Net.Pet Online Animal Magazine  - http://www.netpetmagazine.com
> >> HOME http://www.qis.net/~borzoi/ <http://www.qis.net/%7Eborzoi/>
> >>  BUSINESS http://www.batw.com
> >>
> >> _______________________________________________
> >> Novalug mailing list
> >> Novalug at calypso.tux.org
> >> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
> >>
> >
> >
> >
> > --
> >
> >
> > --Joseph Brinkley
> > _______________________________________________
> > Novalug mailing list
> > Novalug at calypso.tux.org
> > http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
> >
> 
> 
> _______________________________________________
> Novalug mailing list
> Novalug at calypso.tux.org
> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug

-- 
Mark Smith
mark at winksmith.com
mark at tux.org

More information about the Novalug mailing list