Colleges and university have their own health care systems. Assistant director of information security at Eastern Illinois University, Adam Dodge said about the unauthorized release of medical information "One thing that continues to shock me," and continued , "is this unauthorized disclosure of information, information that is just accidentally sent out to people." He says that unauthorized releases of information is twice as likely to be accidental than released by a hacker(22 ).
A clearing house of medical information the Medical Information Bureau (MIB) member companies are required to share any information on a individuals life expectancy. This also includes information like high blood pressure and obesity, and other information that may affect insurability, such as a reckless driving record or participation in hazardous activities(23 ).
President Bush allowed medical privacy legislation go through congress. Health care providers needed to give written consent before using medical information for care. It also put limited on the disclosure of medical information for marketing. In 2002 President Bush proposed the written consent requirement be dropped (24).
Insurance Portability and Accountability Act (HIPAA) has loopholes that jeopardize patient's medical privacy. The HIPAA allows access allows access to person's medical records by people who are not subject to federal regulation or enforcement. These "business associates" are only bound by a contract wit a HIPAA entity. The entity can be in violation is it knew or suspect a violation took place (25 ).
There is a move afoot that calls for digitalizing the health care system, there are concerns though. Timothy Sparapani, ACLU Senior Legislative Counsel said "Only with proper privacy safeguards in place will the American people get behind the shift to health IT systems," and also said "If Congress is planning to spur the integration of health IT, members must remember the needs of their constituents and include protections for medical privacy. Privacy enables health IT it does not prevent it because privacy protections ensure the public will participate and utilize health IT." Michelle De Mooy, National Priorities Associate of Consumer Action reminds us "Privacy is not just a basic right for all Americans, it has become a basic necessity," and cautions "Real people are already suffering the ill effects of losing their medical privacy, including losing jobs and being victims of identity theft. Privacy protections must be at the core of Health IT to prevent this from continuing to happen."(26).