this post was submitted on 16 Feb 2024
181 points (95.9% liked)
Privacy
32003 readers
929 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I don't where you live. But almost all of bigtech US cloud is problematic (Read: Illegal to use) for storing or processing of Personal information according to the GDPR if you're based in the EU. Don't know about HIPPA and other non-EU legislation. But almost all cloudservices use US bigtech as a subprocessor under the hood. Which means that the use of AI and cloud is most likely not GDPR-complaint. Which you could mention to the right people and hope they listen.
Edit: It's illegal to use for the processing of the patients PII, because of transfer to insecure third countries and because bigtech uses the data for their own purposes without any legal basis.
Edit 2: The same is the case with your, and your colleagues PII.
In my opinion privacy and GDPR is the same in this case. I think most public authorities is required to have a DPO, fx hospitals or the relevant health authority. The DPO can help answer your and your bosses questions on the mentioned questions.
Hope you figure it out.
I agree and I suspect this planned system might get scuttled before release due to legal problems. That's why I framed it in a non legal way. I want my bosses to understand the privacy issue, both in this particular case but also in future cases.
You don't have to use a cloud service to do AI transcription. You don't even need to use AI. Speech to text has been a thing for like 30+ years.
Also, AWS has a FedRAMP authorized Gov Cloud that's almost certainly HIPAA (and it's non-us counterparts) compliant.
Also also, there are plenty of cloud based services that are HIPAA compliant.