  |
 |
|
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: | ||
 |
|
SECURITY GAPS FOUND IN MEDICAL WEB SITESSource: ReutersFebruary 3, 2000 WASHINGTON — Internet health sites are collecting and sharing with other companies detailed personal information about visitors, often without their knowledge and despite promises to protect privacy, according to a study released today. A survey conducted for the California HealthCare Foundation found several lapses from policies pledging to guard personal information and email addresses at 21 of the most popular medical Web sites. "The privacy policies of health Web sites do not match up with their own practices," said Janlori Goldman of Georgetown University's Health Privacy Project, which conducted the survey with Internet security consultant Richard Smith. For example, companies were sharing email addresses and other information when they promised they would not. Much of the information collected is linked only to a browser or email address. But sites can attach data to names and addresses if users have provided them for registration or in response to health surveys, Smith said. Many of the sites surveyed share information with advertisers and others without clearly telling visitors, the authors said. For example, a person might seek information about a particular disease, such as AIDS or depression, thinking he or she was anonymous. But Web sites can track a visitor's movements in several ways, sometimes without telling them. Companies such as DoubleClick keep record of which banner advertisements a user clicks on. Seven of the health Web sites surveyed had relationships with DoubleClick, and three had arrangements to provide data to similar companies, the survey said. "There's a very big problem with personal data being given to banner ad companies," Smith said, adding that "the value here is tremendous from a marketing standpoint." Such data-collecting occurs throughout the Internet, but health care sites ask for far more information than others, Smith said. While the consequence of health data collection online may be nothing more than unwanted email and advertisements, the study's authors said they worried that sensitive information could wind up in the hands of employers, insurance companies or family members. "Once a profile can be developed on someone's sensitive personal health information, it can be used in other circumstances, and that makes people anxious," Goldman said. Goldman said she hoped the findings would prompt health Web sites to strengthen privacy protections and alert consumers any time they were collecting information. Industry executives are meeting in Washington this week to discuss ethics for health Web sites, including how best to protect sensitive medical information. While companies favor self-regulation, Internet privacy is a top concern of Congress, and some lawmakers believe the government should set minimum standards.
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
|
ALERT  WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |