504
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 04 Jan 2024
504 points (97.9% liked)
Technology
60047 readers
1649 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
Source? If you broadcast encrypted data you're not sharing it with anyone who doesn't have the right key to decrypt it. Someone could theoretically crack the encryption, but literally every method of transmitting information is vulnerable to being intercepted by a sufficiently motivated attacker.
I'll copy my reply to the above, but add that someone who has the key to encrypt a broadcast doesn't necessarily have a need to receive private health information. Law enforcement officials may receive protected information if they need it in the course of their duties. Private health information should only be shared in a secure communication, but encrypting the broadcast doesn't change the fact that
This is like HIPAA training 101 stuff. If you're a doctor at a hospital, you might be able to access any patient's records. But if you peek at a celebrity's serologies, you've violated HIPAA. Broadcasting on an encrypted channel would be like posting test results in a locker room and arguing that it's OK because only doctors have a key to the room. Having access to information is not the same as needing access to information, regardless of whether everyone has their paperwork in order.
https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html
Ok, I think I see where our disagreement is. Would you agree that an encrypted broadcast is ok if you encrypt the sensitive information with a key that is only accessible to the specific individuals who need it? Not that I see any advantage to doing so—it's just a hypothetical scenario.