My esteemed listmates,

It's my understanding that e-mail and text aren't encrypted, so definitely
not HIPPA compliant.

But, couldn't doctor's offices/hospitals have you sign a form saying that
you acknowledge the risk of using unencrypted communications and what
information they're allowed to send in what channels

Better you use an email to confirm the date and time of an appointment than
using a PW generator where it could be hacked and now the miscreants can
access your patient portal and gather all your health care records.

We know the patient portals aren't the only way in for miscreants but is it
one of the easier way to get healthcare info?

It's easier than dumpster diving.

Police detectives and the FBU have shared that most criminals are lazy (and
or dumb) so that's why they're criminals. It takes talent and the right
temperament to write code so many miscreants could never use their "powers
for good and not evil" as they have no special talents.

Does it take much talent to gain access to a patient's portal records?

An experienced detective explained to me that many of those using
Ransomware never created that software but found it "on the dark web" (chat
rooms) where they are given step-by-step instructions of how to use the
Ransomware created by others.

We have some patrons who have been really circumspect re: sharing their
email addresses and/or phone #s with us just for a library card.

Others don't want to share their driver's license numbers.

We're all trying to assess and manage risk but how much do we really know
and understand about our or others' vulnerabilities?

Thanks,

Charles.

Charlotte County Public Library