"We take patient privacy very seriously. It’s important to us that every patient posted on Watsi understands what Watsi is and how it works. Our medical partners are responsible for ensuring that every patient understands Watsi and explicitly wishes to participate in the program. If a Watsi Crowdfunding patient doesn’t wish to be featured on the website, we give them the option to have their healthcare funded via our General Fund without ever appearing on the website."
I think his point is that this only addresses patient consent and website publicity, and nothing about what they do to actually keep patient data secure and private.
You'd think they conform to HIPAA, which everyone knows is primarily a shield from lawsuits. As long as you follow HIPAA rules you are immune from liability after data exfiltration incidents. The seemingly inexhaustible amount of patient data on the Interwebs would confirm this view.
I think prettymuch anything they could do would be better than paper files sitting in unsecured rooms protected only by people's sense of individual decency; or worse, no files at all.
Maybe your local dentist is like this, but almost all 'large-ish' hospitals are totally digital these days. The compliance rules for patient data safety and security are really crazy too, I would not be worried. That said, paper is in fact more secure in general, as it is very difficult to just 'grep' a filing cabinet, move several of them in a few seconds, or ransom-encrypt all of them before anyone notices.
"We take patient privacy very seriously. It’s important to us that every patient posted on Watsi understands what Watsi is and how it works. Our medical partners are responsible for ensuring that every patient understands Watsi and explicitly wishes to participate in the program. If a Watsi Crowdfunding patient doesn’t wish to be featured on the website, we give them the option to have their healthcare funded via our General Fund without ever appearing on the website."
Is that different from when you looked at it?