Comment by bdamm
2 days ago
Most doctor's offices just use my name and birthday to assume authorization to transfer sensitive medical information. I kinda feel like privacy is massive "emperor has no clothes" aspect of society.
2 days ago
Most doctor's offices just use my name and birthday to assume authorization to transfer sensitive medical information. I kinda feel like privacy is massive "emperor has no clothes" aspect of society.
This behaviour is just because their IT system doesn’t allow regular users to search for names, just for birth dates. Then they pick you by name from a list of people with that birthday.
This is nowhere near the only use of the "birthday + name == all info" hack in the US medical industry. It's basically one big giant frat club with shakes and implicit trust all around. Except that it doesn't actually work; you can fake being a doctor to just about any US medical office and get nearly any American's private medical data.
Exactly. This is just snake oil. No idea why I'm getting downvoted for stating the truth: the employee doesn't care about privacy. They don't use the birthdate because they think it's more secure, the ask for it because they have to.
Names are not unique
So what? The person on the counter doesn't care at all about your privacy. They just cannot type your name into a search box, they have to ask for your birth date first before they can select you from a list based on the name that you state afterwards. At least that's the case at many doctor's offices I've been to.
1 reply →