Comment by bdamm
2 days ago
This is nowhere near the only use of the "birthday + name == all info" hack in the US medical industry. It's basically one big giant frat club with shakes and implicit trust all around. Except that it doesn't actually work; you can fake being a doctor to just about any US medical office and get nearly any American's private medical data.
Exactly. This is just snake oil. No idea why I'm getting downvoted for stating the truth: the employee doesn't care about privacy. They don't use the birthdate because they think it's more secure, the ask for it because they have to.