by PH95VuimJjqBqy 925 days ago
yeah, that's what we want, 3rd parties having access to SSNs, addresses, psychiatric details, etc.

This all works in theory but not in practice. If we were to try to implement that, in 20 years people would be complaining about fraud tracked down to some minimum wage worker reviewing tapes for these 3rd parties.

this is why I said there's not an easy answer.


You already have this to an extent - how many people touch your medical records? I can look up people's past addresses online, it isn't all that private - which is fine for most folks, but bad for folks getting stalked.

Heck, I worked at a landline phone company 25 years ago and they used the last 4 numbers of a social security number to verify everyone. Think about this every time you talk to a utility: That underpaid worker definitely sees your information. Plus addresses and names and so on.

But more realistically, there is no real reason that the person viewing the footage needs any of that information. It might be helpful to know that the person is having a mental health crisis, sure, and it might be helpful to know if the person is a minor. But they don't need to know the names of folks nor what the diagnosis is. Treat it like health information: Give nothing but the necessary information. And if society can trust an underpaid, stressed call center employee to have a bunch of this information, I'm pretty sure we can trust these underpaid, stressed folks too.

I don't think you understand the risks you're talking about.

For example, people have been blackmailed over psychiatric records from their childhood.

Anyone determined can already do that. A quick Google search pulled up examples - most of the first page results were folks breaking into mental health facilities' data. Which makes sense: Why would you sift through loads of mundane police footage when you can just look at the care center's records?

The risk would remain about the same. Most folks aren't gonna do this, and those that want to already can.

And we could lessen it by being more accepting and forgiving and not making things like mental health struggles a source of shame.

Do you know why the thieves broke into the mental health facilities?

because many of them put patient records in physical safes. Do you know why they don't put them online?

yeah, exactly.

What you've basically said is "it's ok because someone could break into a police station to get that material anyway!".

Or to apply this in another way.

I should be ok with other men sleeping with my wife because she might get raped anyway.

it's such a ridiculous line of thought. The fact that someone somewhere is willing to enter into criminality to do it doesn't imply we shouldn't endeavor to prevent it.

The third party in this case is probably the oversight boards that were referenced in the article. They should not be going to the police requesting footage and being denied, they should be the ones who control all the footage, and the police should go to them to request it. That's the only way the oversight boards can actually do their jobs.
> yeah, that's what we want, 3rd parties having access to SSNs, addresses, psychiatric details, etc.

?? This already can happen by default for a LOT of people. I work as a subcontractor for a federal contractor in healthcare, and I can see all of them if I wanted to. We just don't.

> I work as a subcontractor for a federal contractor in healthcare, and I can see all of them if I wanted to. We just don't.

I also work in healthcare, I'd like to see you make that request.

Edit: To draw an analogy: you may work for a credit bureau, but if you start requesting records for celebrities, you're not going to be working there for very long.

I've _built_ the systems put in place to limit and monitor for these sorts of activities in healthcare specifically as a result of the liability it puts the company under due to federal regulation.

Then you would know that HIPAA allows one subset of the above, health information, to be shared for treatment purposes even without patient authorization, as long as it is reasonably safeguarded.

I'm not saying that encapsulates everything that person says. But "reasonable safeguards" absolutely include a lot of the things you say are unacceptable.

I worked for a company that built claims benefits management systems, including one for SAG-AFTRA. Notably, that one, because they were about the only customer who was absolutely militant about lockdown of access to data (because it would show celebrity healthcare claims).

Actually, the biggest challenge we had was from our customers wanting to do data mining that was federally illegal (like looking at familial healthcare data to determine predisposition for a covered person for a certain condition).

what the person said was "we could access any data we want, we just don't".

There's no way they fall under one of those exemptions, especially if they don't need it to do their job. If anything, the statement "we just don't" is indicative that they wouldn't fall under those exemptions.

But really the point was that this stuff is heavily regulated. If a company isn't following those regulations that's going to bite them in the ass eventually.

Typically speaking, you can convince auditors of a lot of things, but it only takes getting the wrong auditor for it all to go downhill.

> I'd like to see you make that request.

Cute of you to think that there's a 'request' part. My point was that we do need to check them to see if x site/app/tab is working or not after patching. It's part of our job.

Edit: I think the confusion here might be you're thinking US Federal. I am not.

HIPAA has requirements for logs and that includes logging access to data. What company is this that isn't following those regulations such that you can crack open raw logs at any time?

But what if this person has direct access to the database? I'm a developer for my local government and have direct read/write access to many systems' production data. I could not only read but also update important info about people without going through an application, all while logged in as the application's SQL ID. In fact I have to do this to handle tickets that are caused by limitations in the system.

the reality is that someone, somewhere, is going to have access like this. Depending on the industry and the type of data there's typically a separation of concerns.

For example, if you can get code into production you cannot have access to production data and vice-versa.

You'll also see data in different databases where no one has access to both. You'll also see things like this with the use of encryption keys, such as KEK vs DEK where no system has access to both.

https://security.stackexchange.com/questions/93886/dek-kek-a....

typically speaking these compliance frameworks will have exemptions for "business need" and companies will try to drive a semi-truck through that hole. Whether they get away with it depends on multiple factors such as the size of the company and the auditor's mood.

It's almost like being "too big to fail". I have seen some absolutely heinous setups surrounding compliance related data that was allowed via "business need" because pulling that rug would cause the entire company to stop functioning. Generally when companies do things like this and they get to that size they'll spend years rectifying the problem because auditors will start giving them the stink-eye or they'll actually hire people who aren't comfortable with what they're doing.

it's all very messy, but don't assume that just because you have that kind of access that you should (and don't assume the reverse either). Without knowing more about what you do I couldn't say.

But for sure the other poster went quiet when I asked who the company was because they're fully aware they're on shaky ground. Which was my point in making that statement.
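The KEK/DEK split mentioned above, as an added example in Go (not code from this thread or from the linked answer): the key service holds only the KEK and exposes wrap/unwrap, the data store holds only ciphertext plus a wrapped DEK, and decrypting needs both halves. `KeyService`, `Record` and the helper names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// KeyService (hypothetical name) alone holds the KEK. It exposes only wrap/unwrap of
// DEKs, so the KEK never reaches the application or the data store.
type KeyService struct{ kek []byte }

func (k *KeyService) WrapDEK(dek []byte) []byte           { return seal(k.kek, dek) }
func (k *KeyService) UnwrapDEK(w []byte) ([]byte, error) { return open(k.kek, w) }

// Record is everything the data store holds: ciphertext plus the wrapped DEK, no usable key.
type Record struct{ Ciphertext, WrappedDEK []byte }

// EncryptRecord: fresh DEK per record, data sealed under it, DEK wrapped and then dropped.
func EncryptRecord(ks *KeyService, pt []byte) Record {
	dek := randBytes(32)
	return Record{Ciphertext: seal(dek, pt), WrappedDEK: ks.WrapDEK(dek)}
}

// DecryptRecord needs both halves: the record (data store) and the KEK (key service).
func DecryptRecord(ks *KeyService, r Record) ([]byte, error) {
	dek, err := ks.UnwrapDEK(r.WrappedDEK)
	if err != nil {
		return nil, err
	}
	return open(dek, r.Ciphertext)
}

// Primitives: AES-256-GCM, random 12-byte nonce prefixed; open fails on tamper or wrong key.
func seal(key, pt []byte) []byte { n := randBytes(12); return aead(key).Seal(n, n, pt, nil) }
func open(key, ct []byte) ([]byte, error) {
	if len(ct) < 12 {
		return nil, errors.New("ciphertext too short")
	}
	return aead(key).Open(nil, ct[:12], ct[12:], nil)
}
func aead(key []byte) cipher.AEAD { b, _ := aes.NewCipher(key); g, _ := cipher.NewGCM(b); return g } // 32-byte keys only
func randBytes(n int) []byte {
	b := make([]byte, n)
	rand.Read(b) // crypto/rand.Read never returns an error on supported platforms
	return b
}

func main() { _ = EncryptRecord(&KeyService{kek: randBytes(32)}, []byte("constructed sample")) }
```

A compromise of the data store yields ciphertext and wrapped DEKs only, and a compromise of the key service yields a KEK with nothing to apply it to; access logging then belongs at the wrap/unwrap boundary.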

That third party is sometimes a roster of lawyers selected by the court in that jurisdiction. These dilemmas are not new, nor body-camera specific.