this post was submitted on 11 Feb 2024
-39 points (30.3% liked)

Privacy

31935 readers
764 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

People say to me go look for it and I can only see the absurd of proprietary software that they use, such windows, Microsoft word, outlook etc.

These are all spyware, talking to a health care professionals is talking with Microsoft too.

all 21 comments
sorted by: hot top controversial new old
[–] TexMexBazooka@lemm.ee 68 points 9 months ago (2 children)

Jfc this community

Don’t use anything ever, at all, if that’s your take. Almost every business, industry, and sector users windows in some capacity. You cannot avoid it. Your bank uses windows, your local government uses windows, fucking Taco Bell uses windows.

What would you prefer, every company use individual home grown, poorly maintained software?

Every company use only Linux? That’ll create so many more problems.

Go live in a cabin in the woods if you’re this paranoid. Otherwise bank on the fact that regulations surrounding healthcare data are pretty strong and are taken pretty seriously, and Microsoft knows that.

[–] cobra89@beehaw.org 4 points 9 months ago

I guess OP never uses ATMs, because I'm pretty sure every ATM I've ever seen uses Windows Embedded.

[–] dangblingus@lemmy.dbzer0.com 0 points 9 months ago

Otherwise bank on the fact that regulations surrounding healthcare data are pretty strong and are taken pretty seriously, and Microsoft knows that.

This is a ridiculous statement and you know it.

[–] rambos@lemm.ee 33 points 9 months ago

You trust health care professionals because they save your life and help with your health. We would not survive for long if we trust only people who use graphaneOS and linux lol

[–] BearOfaTime@lemm.ee 33 points 9 months ago (1 children)
[–] sherpajosh@lemmy.ml 23 points 9 months ago (1 children)

This. HIPAA laws in the US are strict and well enforced for enterprise.

[–] BearOfaTime@lemm.ee 9 points 9 months ago* (last edited 9 months ago)

Sadly HIPAA doesn't do a great job, but it's part of the bigger picture.

Honestly, large hospitals don't do a great job with IT security, and smaller operations are even worse.

It's not the MS spying part (which doesn't happen in enterprise, because networks are managed) that's the biggest concern, it's the overall data management, security policy, encryption non-enforcement, and plain old poorly educated/trained users who are so susceptible to phishing attacks.

Add that most people think those of us who are security minded are paranoid, and put barriers in their way for no good reason.

Perfect combination of risk.

I've seen small business management wire $1mil to a criminal because they didn't follow company protocol.

These are the same management types you'll find at any company that isn't enterprise-level.

Edit: you'll find these types in enterprise too, but corp policy/procedure/process prevents them from fowling things up as easily, and they get trained on proper procedure or get pushed out, eventually.

[–] TCB13@lemmy.world 23 points 9 months ago* (last edited 9 months ago)

Your logic is all fun and games until you find out that your MRI machine doesn't have software for anything but Windows. Or that the software required to read and EKG is Windows only. Most of those devices tend to be isolated computer that don't even touch the internet and run some older version of Windows. Some of them have years of uptime on Windows XP Embedded or Windows 10 LTSC and it isn't now they'll suddenly fail.

[–] SheeEttin@programming.dev 20 points 9 months ago (1 children)

Yes, and? They are not sending your PHI to Microsoft.

Or, if they use Microsoft cloud services like 365 or Azure, where they are sending PHI to Microsoft, Microsoft agrees to follow local healthcare information protection law. In the US, as a business associate, they are a covered entity under HIPAA and must maintain compliance to protect your information.

[–] xilliah@beehaw.org -3 points 9 months ago
[–] TurboHarbinger@feddit.cl 17 points 9 months ago

Then don't trust them, sit there, self diagnose and wait for your death.

The word compromise exist for a reason. You wouldn't even eat food if you didn't already know how to compromise.

[–] belated_frog_pants@beehaw.org 10 points 9 months ago

This is just reality. No medical people have secure shit. I've worked on hospital services before and they are all security nightmares. The doctor isnt an engineer. Trust the doctor if they know what they are doing. Your data was forfeit because of capitalism not the doctor.

[–] mp3@lemmy.ca 10 points 9 months ago* (last edited 9 months ago)

Best of luck getting access to a MRI or ultrasound machine that runs on Linux.

[–] init@lemmy.ml 10 points 9 months ago

If it's good enough for the NSA and other paranoid intelligence agencies and military, I think it's good enough for our healthcare orgs.

But I do get your sentiment on a user level. If one of my comp sci professors is using Linux in lecture, they are instantly more credible to me than those who use windows (or MacOS!!) unless I have known them for a while and have found out firsthand.

[–] celeste@kbin.social 5 points 9 months ago

Trust in what sense? With computer security? You probably can't. To diagnose you and find a proper course of treatment? You probably need to research the individual doctor.

My mother worked at a hospital for years helping doctors use computers to keep up to date with research in their fields. By and large, doctors 10-15 years ago sucked at using computers. Doctors who helped save the lives of relatives of mine by diagnosing cancer early would struggle doing simple searches.

I knew a psychologist who would openly chat about patients - names included - in casual party settings. Doctors don't have to be bad at computers to violate your privacy.

If you think their computer security could be better, you're right, but the more they have to learn, the more room for error you're introducing during the changeover. Do they spend millions replacing a diagnostic machine because no one knows how to switch it to better software? When it works and those millions could go towards equipment that needs replacing?

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5996174/

My suggestion is to do research on tech security in hospitals. Read up from people who are experts in the subject, because it's deeply complicated. Figure out what current recommendations are and contact your local doctors and hospitals to find out if they're investing in patient information security. They might still not use linux, but it's more important they be doing what research shows works.

When you find doctors and hospitals that are working towards those recs, give them what trust you can muster, keeping in mind any of them could just be like "my lung cancer patient Joe Smith said the funniest thing yesterday" at their next cocktail party.

Most won't. But these are human run systems. You need to give them enough trust that they can monitor your health, but be prepared to withdraw it when they prove it's undeserved. Tech-wise, pay attention to actual recommendations from experts and keep in mind that the doctors themselves aren't the experts there.

Just, like, don't let yourself die because your doc thinks a linux is a kind of hybrid animal.

[–] dangblingus@lemmy.dbzer0.com 3 points 9 months ago

You can't. In Ontario, we had a massive data breach where basically every single person's personal data on file was stolen from numerous hospitals. They're still using XP if I'm not mistaken.

[–] scratchandgame@lemmy.ml 0 points 9 months ago (1 children)

Only violent revolution solve this. Social democrats are useless.

[–] BraveSirZaphod@kbin.social 4 points 9 months ago (1 children)

Violent revolution because of an operating system is genuinely one of the most terminally online ideas I think I've ever read in my life.

[–] scratchandgame@lemmy.ml 1 points 9 months ago

Not because of an operating system. But the success of other operating systems.

The characteristic of violent revolution is to completely resolve it.