Personal data on Web sites are vulnerable
Washington -- Visitors to health Web sites are not anonymous, even if they think they are, and personal information shared with health Web sites is highly vulnerable, according to a report released this month by the California HealthCare Foundation.
The report looks at the privacy policies and practices of 21 of the most trafficked health sites on the Internet. It also concluded that few sites follow their own privacy policies.
The privacy concerns related to these health Web sites aren't because they're vulnerable to "hackers," although some security leaks were found. It's because the sites are sharing the personal health information they collect from visitors, without their knowledge or permission.
"Health care Web sites have access to an unprecedented amount of personal health information," said Richard M. Smith, the Internet security expert who investigated the sites. "We found third-party ad networks receiving access to information that would allow them to build detailed, personally identified profiles of individuals' health conditions."
The report suggested steps to improve privacy safeguards of the sites:
- Perform a thorough evaluation of each site's privacy policy.
- Close the loop between privacy policy and practices by measuring the policy of the site against the information collected.
- Provide Web site visitors more anonymity by limiting the sharing of the information gathered.
- Develop a standard privacy policy with Internet health leaders.
Back to top
Copyright 2000 American Medical Association. All rights reserved.
