@zackwhittaker Until we make the corporations hurt as much as these breaches hurt their users/customers/victims, we will never see any improvement.
Some suggestions:
1. CEOs are incarcerated for 1 day per user impacted and it goes permanently on their record. No pardon, parole, or use of a stand-in allowed.
2. Fines are 5% of Global Gross Profit (not Net Profit) for each breach that occurs. If there are multiple breaches, well, that company should have darn well paid for sizable security developer teams and paired security tester teams.
3. Stop allowing companies to use SSNs, Date of Birth, etc. We can freaking use unique identifiers for each company, a vague you-are-this-age and such so they don’t get a whole bunch of data.
4. Data encryption and obscurification of this data separate from all other systems is a must. Not everyone needs to be able to see an SSN or Date of Birth or email address when doing actions that don’t involve that information.