Hacker News new | ask | show | jobs
by chimeracoder 901 days ago
> In summary, if we were to blindly look at someones medical history or records without a bona fide articulable suspicion of a crime, it'd be massively illegal.

It's extensively documented that law enforcement breaks laws all the time. Your comment isn't reassuring at all - in fact, you're just describing how normalized the process for violating the 4th Amendment and patients' privacy is.
1 comments
CodeAndCuffs 901 days ago
> how normalized the process for violating the 4th Amendment and patients' privacy is.

Well thats the rub, isn't it? Right now the courts don't see this as a violating of the 4th amendment. I can see the argument for requiring a warrant. Im not necessarily against the requirement, but this isn't normalizing a 4th amendment violation any more than license checkpoint (which the courts have also ruled isn't a violation)

[Edited to add the rest of the quote]

link
chimeracoder 901 days ago
> Well thats the rub, isn't it? Right now the courts don't see this as a violating of the 4th amendment.

You omitted the end of my sentence in your quote, which is operative in this case. As explained in the article, the Third Party Doctrine establishes a loophole in 4th Amendment case law. The system you're describing is one which was created specifically to exploit this loophole: to violate patients' privacy while still complying with the 4th Amendment on technical grounds, all the while grossly violating it in spirit.

link
CodeAndCuffs 901 days ago
> You omitted the end of my sentence in your quote, which is operative in this case.

My apologies. I've re-added it with an edit note.

I think its a reach to say 'the system' was created to exploit 4th amendment loopholes, especially in this case. Again, the patients privacy isn't compromised by the pharmacies at all here. The state has its claim of a vested interest in prescription activity, much like with drivers licenses and vehicle registration, and has a database of said data, much like with licenses and vehicle registration.

If I start running tags to see where someone lives to stalk them, thats bad, and illegal. If I start running prescription data for someone to see what they're on and stalk them, thats bad and illegal.

If a car dealer says "These VINs on the car dont match, we think something was stolen" we can investigate it by accessing the state database. We will likely see some personal information of someone who isnt guilty of anything in the process of this investigation. If a doctor says "This person filled a prescription under my name that I didnt write" we can investigate it by accessing the state database. We will likely see some personal information of someone who isnt guilty of anything in the process of this investigation.

My assertion here isnt "Everything is fine, change nothing". Its "If you're concerned about privacy here, you are looking at the wrong target". Warrant requirements could be reasonable. Whether we get them or not, I think a good start would be auto-redacting Prescription Monitoring Program reports. If Doctor Adams says Bill filled a fraudulent script, because Adams doesnt write for percocet, I shouldnt see every name for every prescription on Adams' report. That should be redacted. Then if I see a script for percocet, which we've established is fraudulent, we then un-redact the "patient" name.

Again, CVS handing me a copy of a prescription that I already know is fake is the least significant issue at hand.

link
refulgentis 901 days ago
I've been here, aka worked at Google and became confused why people didn't trust it, since I now trusted it.

Succinctly:

- you described an _excellent_ process

- the key part is "concerningly sometimes ppl handed me stuff before I identified myself"

- there's nothing you can say or do to alleviate that

Furthering the Google analogy, with intent to clarify:

The Google version of this is "you can have all the data behind 20 locks and and 32 keys and 5 biometric measures and never let human eyes actually see it. Now let's turnover all Google employees. You sure they'll do the same thing?"

(the answer is no, after The Great McKinsey-ification and the corner-cutting and self-justification of lies demonstrated since ChatGPT)

link
Zak 901 days ago
> any more than license checkpoint (which the courts have also ruled isn't a violation)

Personally, I think that was a terrible ruling. Any suspicionless stop and check/investigation/search in a place everyone has a right to be should be treated as an unreasonable search.

The pharmacy records checks you're describing here are based on evidence that would likely hold up as probable cause in court.

link
terminous 900 days ago
In the US, driving checkpoints are only allowed to check for compliance with driving laws only for the driver: drivers license, car registration and insurance, and sobriety of the driver. It is part of what you give up to drive in public roads. But checkpoints can't search passengers or the car, unless something else that is illegal is in plain view.
link
Zak 900 days ago
My understanding of the case law on checkpoints is that it started with inland immigration checkpoints, and similar reasoning got applied to checkpoints meant to catch drunk drivers. I consider it an evisceration of the fourth amendment, as did Justice William J. Brennan when he wrote as much in his dissent.

https://en.wikipedia.org/wiki/United_States_v._Martinez-Fuer...

link