by simion314 2173 days ago
>The biggest group of people who do like the regulation seem to be EU citizens who want a reason to feel superior to Americans. It's unfortunate nationalism. We're all on the same side against the large corporations.

But you have an even more extreme law in the US for health data: you protect your health data that is generated in the health care system, but if you google some symptoms, buy some health products online, or read/watch some health-related pages, you are fine to be analyzed and sold to advertising? There is the example with the supermarket that detected some girl is pregnant and "leaked" the data to her parents, and that is fine for you, but if a doctor would have done the "leak" it would have been a serious issue.

GDPR is not as extreme as HIPAA; it just makes all personal data "problematic" and you can't do whatever you want with the data in secret.

GDPR surfaced all the hidden shit to the surface. Many wanted the shit to stay hidden; now people can see that not only do websites sell my data to a third party, they are greedy and want to sell it to 100+ different third parties - it makes you stop and think if maybe you want to close this tab or use a private window.

1 comments

HIPAA is a facet of the general disease in the US healthcare system. The compliance cost is enormous but the industry doesn't object, it even benefits them, because it's all getting billed to insurance and the more everything costs the higher the base cost they get to multiply by their profit margin. Meanwhile the insurance is heavily subsidized by employers due to tax incentives, and the employees/citizens don't even realize how much it's costing them because there are so many layers of indirection.

From my perspective as an outsider I see the regular US citizens loving HIPAA; it seems to me to be placed in the same category as guns and free speech (even more, I have never seen someone arguing that health data should be sold to the highest bidder and in secret), where for guns and free speech there are people that want more limitations.

Of course, because they're seeing the benefit and not the cost. It's like asking people if they want free video hosting without mentioning that you're tracking everybody who uses it. People say yes.

So your point is that HIPAA is bad, your doctor should be able to sell your data? My point was that your browsing data is similar to health data, it could even contain health data so it should be a trail of who is collecting what and is sharing with whom and why. I won't believe the argument that implementing transparency for what you collect and sell is too expensive.

My point is that HIPAA has absurdly high compliance costs. It's like buying an apple for a million dollars. The problem isn't that apples are bad, but we sure shouldn't buy any more for that price.

Isn't the cost an implementation detail? The laws do not require things to be expensive and there might be a need for more regulations to fix the costs with better defined standards, software, procedures etc.