[hodwic]

Businesses are just groups of humans. We in the US have constitutional protections around freedom of association and assembly, of which a business is but one example. We extend other constitutional rights to businesses, because to remove them from businesses would be to remove them from the people associating under those businesses, and would thus be a limit to free assembly.

Also, we definitely do not have a constitutional right to privacy in the public sphere for services that we elect to use.

[Daishiman]

This is completely invalid.

Courts and legislatures in the US regumate limits to corporate behavior in ways that are the complete opposite to what you're saying.

[hodwic]

I'd be interested if you could provide some examples of regulation which would be unconstitutional if applied to another form of free assembly which is currently held constitutional when applied to a business.

[Daishiman]

Businesses have to comply with regulations in the form of record-keeping, safeguarding medical data, determining the composition of its board of directors, etc. HIPAA is not for individuals, neither is Sarbanes-Oxley.

[friedman23]

> HIPAA is not for individuals

It is. I don't even understand how it couldn't be unless you are trying to state that doctors themselves are somehow not individuals.

[maemilius]

I think I can kinda see this argument, actually. The punishment for violating HIPPA is not placed on the individual, it's placed on the company.

I work for a company that operates on HIPPA-protected data; if I leaked any of that, I wouldn't face any legal punishment but the company I work for would be on the hook for some seriously large fines.

[dragonwriter]

> The punishment for violating HIPPA is not placed on the individual, it's placed on the company.

Be careful believing that; it's true that direct liability under HIPAA is almost exclusively for be covered entity as such, but individuals may be criminally liable for HIPAA violations in two ways:

(1) Certain directors, officers, and employees may be liable under general principles of corporate criminal liability, and

(2) Individual employees (and other inbividuals) not criminally liable under (1) for direct HIPAA violations that have a role in it may be liable for conspiracy or aiding and abetting (the latter of which has identical punishment to the crime it relates to) related to the underlying crime committed by the covered entity that is their employer.

So, yes, actually knowingly leaking PHI that subjects the company to crimination penalties under HIPAA would likely also subject you to criminal penalties tied to that HIPAA violation.

[hodwic]

I asked specifically for other forms of assembly. Individual constitutional rights are applied differently than those rights are applied when assembled.

Hence: Is your argument that it would be unconstitutional to apply SOX or HIPAA to non-profits, teachers unions, churches? If not, my original argument still stands. Businesses are forms of assembly, and thus protected by the first amendment.