cross-posted from: https://links.hackliberty.org/post/1028406
The state of medical privacy has become quite appalling lately. I started using a young doctor in a new office and they are gung ho on modern tech. That’s fine to some extent but they want to send me invoices and all correspondence via e-mail. No PGP of course. I did an MX lookup on their vanity email address & it resolves to an MS Outlook server.
I asked them for my test results. They offered to email them.
My response: I do not want sensitive medical info coming by e-mail via Microsoft’s servers. I did not give you a copy of my email address for that reason. It needs to be snail-mailed to me.
Perhaps of greater concern is that the receptionist acted like I am making a unusual request, and that they do not mail things. Apparently I am the only patient who has a problem with sensitive medical info going to Microsoft. So the receptionist is investigating whether she can get approval to mail me my results by post.
I wonder if someone in that clinic will have to run out and buy stamps because I have a problem with Microsoft.
definitely agree with you.
also PGP is so easy to use that honestly I really cannot grasp why it's not more used for critical communication like this. if the emails were encrypted this would be much less of a problem