Privacy Rights and the Consumer: What you need to know!

Mayo Clinic Rochester, with statues of the founders, Drs. Charles and William Mayo out in front. Mayo Clinic has policies in place to protect patient confidentiality. -Photo by Jeremy Griffith

University Campus, Rochester Community and Technical College, Rochester Minnesota. College and University Campuses are required by HIPPA and FERPA regulations to protect the privacy of consumers. -Photo by Jeremy Griffith

by Jeremy Griffith

Apart from our Freedom of Speech or Expression, or the Right to Worship as we please, the Right to Privacy is probably the most sacred of our individual liberties. So what happens if that right is violated by a trusted health care worker, student affairs administrator, or a journalist?

Well, the reader should know that we did extensive research on this topic and we found that a private citizen has certain rights guaranteed to secure the privacy of their financial records in institutions of higher learning or their personal medical records at their doctor’s office. That doesn’t unfortunately mean that breaches don’t occur however, they certainly do. But those persons inside or outside an institution can face criminal and civil penalties for breaching public trust where private records are concerned.

We spoke to an old friend who is both a licensed clinical social worker and an employee in the financial aid office at a major Minnesota university. He wouldn’t go on record for this article, but he was willing to give background information. He confirmed to us in our background interview that universities and colleges are covered under HIPPA and FERPA privacy rules and that individuals working for the institution who violate the trust of students and parents are subject to termination from their jobs AS A MINIMUM. Severe breaches of trust for individuals can open the institution or the individual involved in divulging the information to an outside source to criminal prosecution and lawsuits.

Our friend also confirmed for us that Licensed Social Workers who violate the trust of their clients and divulge information to outside sources can be sanctioned by the authorities who license them and that their licenses can be limited, or revoked pending on the nature of the offense.

Let’s take a step backwards for a moment and define terms. HIPPA is an acronym that stands for the Health Insurance Portability and Accountability Act of 1996 and is the Department of Health and Human Services rule that covers privacy issues where it touches on medical records. It should be noted that the privacy rule was not legislated by congress but was a directive from HHS. Never-the-less, it provides the teeth for which all privacy violations are controlled under when it comes to medical records. Definitions and detailed information on HIPPA is available at the HHS website here.

FERPA stands for the Family Education Rights and Privacy Act and is the HIPPA equivalent for institutes of higher learning where it touches on individual financial or educational records of a student. A definitive summery of the act is available at the Department of Education’s website here.

Bottom line for both of these rules is this: that private individual who is the subject of the record can chose whether or not to divulge the record and that any outside source who wants to gain access to a record must have the express permission of the individual who is the subject of the records.

So if you are an record keeper of private records at a college or university, or a unit secretary, and you are approached by an outside source with a  question about an individual record, you are required to decline the request unless you have the express written consent of the individual who is the subject of the records.

Colleges and universities are covered under both rules because they can find themselves in possession of both medical records and academic or financial records within their financial aid offices. For example, a student who takes a leave of absence from the university must provide a doctor’s letter showing why he is taking leave to the university for their records and that information, with the diagnosis from the doctor is protected information that the institution cannot divulge without consent.

The right to privacy in regards to both of these rules is not complete, however. There are certain cases where the possessor of the record is required to divulge the record to another party. For example, according to the HHS website there are the following exemptions as expressed by the rule: the individual who is subject of the record, treatment payment and health care operations, opportunity to agree or object, limited data sets where the individual is not expressly identified for the purpose of research.

Clear as mud right? Bottom line is that the institution can use the data and share it with those who need to know, like consulting doctors and nurses, but have the obligation to protect the data from outside entities that don’t have a right or need to know.

Similarly, educational records are likewise protected. An outside institution can ask if you have a degree or if you are participating in the program, which the institution can acknowledge without consent, however, they may not give out what classes you took or your grade point average to that outside source, without your express written permission.

There are limits to the kinds of information social workers can divulge as well and they have some leeway as to what can be divulged. For example, a licensed social worker is a mandatory reporter when the client makes an expression of a threat to any person or to himself. That means that if a client is suicidal or is threatening harm to others, the social worker is required by law to report that information to law enforcement AND to the persons who are subject to the threat. Likewise social workers and other health care workers are mandatory reporters when it comes to neglect or abuse of vulnerable persons, especially children. That’s good to know right?

How important is all of this? We consulted attorney James D. Skyles of Skyles Law Group, LLC., founder of the website AskACyberLawyer.com. This is what he told us about what consumers should know about privacy issues and the Internet.

In short, privacy laws, particularly the 1974 Privacy Act provide protections for consumers by prohibiting companies from selling information to consumers, unless the individual consents, or under a few other circumstances as required by law, such as government reporting.  If they do disclose the information, there could be fines by the government.”

Another grave concern for consumers is hacking, where an outside source illegally accesses private information electronically from outside an institution. This is what Skyles said about that issue.

Now when it comes to online data privacy that a company does not actively disclose, if a database is hacked, the liability of the business varies greatly.  Currently the law governing this area is a patchwork of various federal and state laws, which are in no way uniform.  In general and in most jurisdictions, businesses have an affirmative responsibility to prevent the information hacking, and can face liability from both the government and from individuals if someone stole private information and used it to the detriment of the victims whose information was stolen.  

Skyles continues his analysis with this warning to consumers:

“In my opinion, this is not the worst problem.  The biggest problem with data privacy is the extent to which individuals consent to allowing companies to use and sell their information.  When you click “I Agree” on a pop up end user licensing agreement (EULA), you are often consenting to the company to do any number of things with your information.”

Bottom line is this, be careful with your personal information and who you give it to. Be wary of online access points like online bill pay. It can be convenient to do business that way, but be careful that you don’t overdo it and you don’t give out personal information online to a source that doesn’t have reputable online security controls. It doesn’t ever hurt to ask your college or medical center whether or not they have online controls that protect your virtual identity.

It should be noted that health care staff have been fired from their institutions recently for egregious privacy law violations. That doesn’t prevent your private data from getting out there, but it does ensure that if there is a breach that institutions are doing what they can. Some organizations even punish employees who are snooping through records even if there isn’t a public disclosure of records.

Mayo Clinic for example has over 100 policies covering privacy issues according to their website. Employees of all Mayo sites are trained regularly on their responsibilities to protect patient confidentiality. The Post Bulletin of Rochester reports that health care staff have been removed from their jobs for snooping through records where the provider or clinical worker did not have a need to access a personal record.

It should be noted that some institutions produce so called honey-traps to catch abusers. This is a controversial practice for IT workers and can only take place with the express authorization of the institutional leadership. Honey-traps are instances where IT workers produce a fake record of a famous or well known person and monitors it to see if unauthorized persons try to access the record. In this way they can catch abusers in the act and take remedial action against the employee. This may or may not be ruled as entrapment in a legal setting but could result in the termination of the employee.

While health care workers and record keepers can get into trouble for obtaining records illegally, so too can journalists. In Great Britain for example, journalists are facing criminal charges for hacking into private cell phone conversations. The result of this trial will be interesting as it affects News Of The World, a subordinate company of NewsCorp, which owns Fox News here in the United States. The results of that case can have broad implications for journalists who access records or tap phones illegally.

Ultimately you are responsible for your reputation and personal data. Take care of it and it should be secure, and take comfort that most of the time your data is being secured by the institutions you trust.

Share This:

Voter ID Survey Responses as of Oct. 21, 2012

Jeremy Griffith, creator of American Millennium Online, in front of Thomas Jefferson’s house. Nobody was home.

by Jeremy Griffith, creator of American Millennium Online

A couple of weeks ago I asked you what you felt about the constitutional amendment in Minnesota requiring voter ID at the polls. Here is a snapshot of the results as of Today, Oct. 21, 2012.

Though this is not a scientific poll by any stretch of the imagination, we did try to create the most recent Star Tribune Poll on this very same question, using the same demographics and questions they used.

Six of you were gracious enough to respond. Here is the breakdown.

Four of you are in favor of a constitutional amendment requiring photo ID at the polls. Two of you are opposed to the amendment. That means that 66.7 percent in favor of the amendment, 33.3 percent opposed.

Five of you are men, and only one woman responded. That’s 83.3 percent male, 16.7 percent female. Come on women, we want to know what you think!

As to the income of the respondents polled, two of you responded that you earned less than $25,000 a year. Two of you earn $50,000 to $100,000 a year and one of you earns more than $100,000 a year. That percentage breakdown is 40/40/20 respectively.

Where do you guys live? One of you is in Northwest Minnesota, two live in the Minneapolis/St. Paul Metroplex, and one of you lives in Southeast Minnesota near me. That percentage breakdown is 25/50/25. Two of you did not respond? Perhaps you live out of state?

As to your ethnicity, three of you responded that you are Caucasian, 2 of you responded that you are Black. One of you declined to answer. Interesting.

As to your age, one of you is 18-35 and four are in the 36-55 age bracket. I would assume that these are the ages of people comfortable with the Internet to fill out online polls. One of you did not respond to the question. Perhaps you are ageless? Is that you Gandalf?

Two of you have served in the military and three of you have not. One of you declined to respond. That percentage breakout is 40/60. Perhaps one of you served in the Foreign Legion? Perhaps next time I’ll include a question for Peace Corps volunteers?

Thank you for investing your time to answer my poll. I’ll leave the survey up for a while longer to see if we get any more responses. Below you’ll find a infographic showing the breakdown so far. Thanks again for participating.

(Voter ID Favorability Survey: American Millennium Online)

Share This:

How do you feel about the Voter ID issue in Minnesota?


Polls and surveys are very good indicators of where people are on a certain issue. They also, over time, indicate a shift in sentiment if any.

Recently the Star Tribune conducted a survey asking people how they felt about the Constitutional Amendment to require photo identification at the polls that appears on the ballot this November. The September survey shows a substantial shift in sentiment from the earlier survey conducted in May. Look at the numbers at the respective links here.

How do you feel about the issue of photo ID at the polls? Are you happy with the current election system or do you think there should be changes? Do you believe in the accuracy of polls? Do you feel informed enough about this issue to make a decision?

We’re asking some of those questions and more in the attached survey we’ve devised on our own. We’d like you do take a few moments to answer some of our questions and present feedback.

Take a look at the latest debates on photo ID at theuptake.com and You Tube. Who do you think won these debate?

You’ll find a video of the opening moments of the Voter ID Debate at Metro State University, along with a visualization of the latest Star Tribune poll here.

For more information go to the American Millennium Online.com.

Create your free online surveys with SurveyMonkey, the world’s leading questionnaire tool.

Create your free online surveys with SurveyMonkey, the world’s leading questionnaire tool.

Share This:

Voter ID History So Far

(Video by Jeremy Griffith)

History of the Voter ID Debate in Minnesota

In November, Minnesotans will vote on election day for or against a controversial pair of amendments, one upholding the definition of traditional marriage and the other on requiring photo ID at the polls. We will be examining the photo ID constitutional amendment.

The voter ID law has been an issue since the heavily contested election of Al Franken as senator over the incumbent Norm Coleman. The election was so tight that voter fraud was alleged and recounts and legal challenges mounted. In the end Franken was elected, but a need had arisen in the eyes of many to clean up the Minnesota election system.

Dan McGrath of Minnesota Majority has led the charge to require voter ID laws since the 2008 election. He has turned up instances of voter irregularities and fraud and has helped draft voter ID legislation.

In 2010, Minnesota Governor Mark Dayton vetoed the law that was approved largely on a partisan basis. He says the law would disenfranchise many voters who cannot afford an ID.

In an effort to get the matter into law, the Minnesota Majority and protectmyvote.com people have sought the make the issue into a constitutional amendment that would have the power to bypass the governor’s veto. This puts the matter directly in the hands of the voter.

Over 80 organizations in the state oppose the voter ID amendment saying it would serve to restrict voter turnout and disenfranchise voters unable to obtain ID.

Secretary of State Mark Ritchie who opposes the law, changed the name of the ballot initiative without the consent of the legislature. The issue was taken to court and the supreme court of Minnesota ruled that the Secretary did not have the right to change the name of the initiative on the ballot where the legislature had already done so.

Opposition of the law includes the Secretary of State, The Governor, and the League of Women Voters, and most recently OurVoteOurFuture. On Thursday Dan McGrath debated OurVoteOurFuture’s Doran Schrantz on public television. Local legislators who support the bill includes former Secretary of State Mary Kiffmeyer, who authored the bill, Rep. Mike Benson, and Sen. Carla Nelson, to name a few.

John Fund of the Wall Street Journal has written a book on the issue of voter fraud entitled “Who’s Counting? How Fraudsters and Bureaucrats Put Your Vote at Risk”. He supports the Minnesota Voter ID amendment and has visited Minnesota often to talk about this issue. Recently he spoke to amendment supporters in Minnesota and debated Hennepin County Attorney Mike Freeman.

For more information on this issue, follow American Millennium Online.com.

(Below see a the most recent poll regarding Voter ID from the Minneapolis Star Tribune.)


(Visualization by Jeremy Griffith based on statistics from the Star Tribune Poll.)

Share This:

Voter ID Debate at Metro State University

In case you missed it, here is a sample of the one and only voter ID debate at Metro State University between Minnesota Majority’s Dan McGrath and OurVoteOurFuture.org’s Doran Schrantz. The debate took place at Metro State University Thursday Oct. 4th and was sponsored by Debate Minnesota, with Bill Salisbury of the Pioneer Press moderating.  (Video by Jeremy Griffith, The American Millennium Online)

Share This: