Healthcare.gov HIPPA VIOLATIONS sharing personal data

Government health care website quietly sharing personal data
HealthCare.gov security — ‘a breach waiting to happen’
HIPPA VIOLATION: website sends your age, income level, pregnancy status etc. to advertising companies
https://www.eff.org/deeplinks/2015/01/healthcare.gov-sends-personal-data

Shocking security problems remain 1 yr later! Got it WINS! > over & patient privacy!
must be read to the very end proves that not only does the Obamacare website have major security issues, but that the incorruptible wonderful well-meaning folks in Washington who care so much about our health and running our lives knew this when the site was launched.Federal medical-privacy law frustrates ID theft victims
http://www.abajournal.com/magazine/article/federal_medical-privacy_law_frustrates_id_theft_victims

a victim of an Obamacare breach and the little known fact that well over half of all identity thefts now arise from information on the Healthcare.gov site.    Once again, any individual in the health care industry that demonstrates the slightest carelessness with patient privacy will likely be bankrupted by HIPPA fines.

Hacker accesses 70,000 Healthcare.gov records, says website is 100% insecure
http://www.slashgear.com/hacker-accesses-70000-healthcare-gov-records-says-website-is-100-insecure-21313926/
In the source code of http://healthcare.gov  is “no right to privacy” tt overrides HIPPA. But it’s hidden!
http://www.frontpagemag.com/2013/frontpagemag-com/no-privacy-for-obamacare-patients/
And watch how they lie about it: OCare Website Hidden Source Code Says Users “Have No Reasonable Expectation of Privacy”

The CEO isn’t the only hacker to publicly confirm the security issues, however, with Kevin Mitnick, Ed Skoudis, and more having issued warnings of an impending security breach if the problems are not corrected. Said Mitnick in a signed statement alongside fellow hackers: “It’s shameful the team that built the Healthcare.gov site implemented minimal, if any, security best practices to mitigate the significant risk of a system compromise or access to consumer proprietary information.” Despite these warnings, the government has maintained Healthcare.gov is secure and undergoes regular security testing. Whether this latest breach performed by Kennedy will spur a proper review and corrections of the issue at hand is yet to be seen (and a cynic might express ample doubt at this point), but all signs point towards a ticking clock counting down to a major — malicious — data breach.
HealthCare.gov is shuttling personal data to third parties
http://www.slashgear.com/healthcare-gov-is-shuttling-personal-data-to-third-parties-21365499/
Judicial Watch, a politically conservative government watchdog group, has filed a Freedom of Information Act lawsuit against the Department of Health and Human Services seeking the release of all records – including studies, memos, e-mails, and slide presentations – related to the security of the HealthCare.gov Web portal dating back to Jan. 1, 2012.
http://www.healthcareinfosecurity.com/healthcaregov-security-answers-sought-a-6700
Doesn’t that violate HIPPA? Among other privacy laws? -> website quietly sharing personal data 
WASHINGTON (AP) — The government’s health insurance website is quietly sending consumers’ personal data to private companies that specialize in advertising and analyzing Internet data for performance and marketing, The Associated Press has learned.
The scope of what is disclosed or how it might be used was not immediately clear, but it can include age, income, ZIP code, whether a person smokes, and if a person is pregnant. It can include a computer’s Internet address, which can identify a person’s name or address when combined with other information collected by sophisticated online marketing or advertising firms.
The Obama administration says HealthCare.gov’s connections to data firms were intended to help improve the consumer experience. Officials said outside firms are barred from using the data to further their own business interests.
There is no evidence that personal information has been misused. But connections to dozens of third-party tech firms were documented by technology experts who analyzed HealthCare.gov and then confirmed by AP. A handful of the companies were also collecting highly specific information. That combination is raising concerns.
Leading lawmakers on Tuesday asked the administration to explain how it oversees the data firms to make sure no personally identifiable information is improperly used or shared.
The administration did not explain how it ensures that companies were following the government’s privacy and security policies.
Albright said HealthCare.gov comports with standards set by the federal National Institute for Standards and Technology. But recent NIST guidance cautions that collecting bits of seemingly random data can be used to piece together someone’s identity.
In a recent visit to the site, AP found that certain personal details — including age, income and smoking habits — were being passed along, likely without consumers’ knowledge, to advertising and Web analytics sites.
Third-party outfits that track website performance are a standard part of e-commerce. HealthCare.gov’s privacy policy says in boldface that “no personally identifiable information is collected” by these Web measurement tools.
“Personally, I look at this … and I don’t know what is going on between the government and Facebook, and Google, and Twitter,” said Mehdi Daoudi, CEO of Catchpoint Systems. “Why is that there?”
Third-party sites embedded on HealthCare.gov can’t see your name, birth date or Social Security number. But they may be able to correlate the fact that your computer accessed the government website with your other Internet activities.
Daoudi’s company, Catchpoint Systems, came across some 50 third-party connections embedded on HealthCare.gov. They work in the background, unseen to most consumers.
The AP replicated the results. In one 10-minute visit to HealthCare.gov recently, dozens of websites were accessed behind the scenes. They included Google’s data-analytics service, Twitter, Facebook and a host of online advertising providers.
“I think that this could erode … confidentiality when dealing with medical data and medical information,” said Cooper Quintin, a staff technologist with the Electronic Frontier Foundation, a civil liberties group.
http://bigstory.ap.org/article/31490a20926d4ed3b98ff2d0ed8fc81d/new-privacy-concerns-over-governments-health-care-website

Diane Ravitch Blog Read

Salon: The Segregationist History of the Charter Movement

In a stunning post at Salon, Christopher Bonastia describes the ugly origins of the charter industry in the segregationist movement. The basic idea behind efforts to fight desegregation was school choice, paid for by taxpayers. The goal was to allow white students to continue to attend all-white private academies with public dollars. Today, the charter industry targets black students, which ironically popularizes the idea of all-black, segregated schools. Desegregation is no longer a priority for public policy, despite research that shows its benefits.
He writes:
“The now-popular idea of offering public education dollars to private entrepreneurs has historical roots in white resistance to school desegregation after Brown v. Board of Education (1954). The desired outcome was few or, better yet, no black students in white schools. In Prince Edward County, Virginia, one of the five cases decided in Brown, segregationist whites sought to outwit integration by directing taxpayer funds to segregated private schools.
Two years before a federal court set a final desegregation deadline for fall 1959, local newspaper publisher J. Barrye Wall shared white county leaders’ strategy of resistance with Congressman Watkins Abbitt: “We are working [on] a scheme in which we will abandon public schools, sell the buildings to our corporation, reopen as privately operated schools with tuition grants from [Virginia] and P.E. county as the basic financial program,” he wrote. “Those wishing to go to integrated schools can take their tuition grants and operate their own schools. To hell with ‘em.”
Though the county ultimately refused to sell the public school buildings, public education in Prince Edward County was nevertheless abandoned for five years (1959-1964), as taxpayer dollars were funneled to the segregated white academies, which were housed in privately owned facilities such as churches and the local Moose Lodge. Federal courts struck down this use of taxpayer funds after a year. Still, whites won and blacks lost. Because there were no local taxes assessed to operate public schools during those years, whites could invest in private schools for their children, while blacks in the county—unable and unwilling to finance their own private, segregated schools—were left to fend for themselves, with many black children shut out of school for multiple years….
“Attorney David Mays, who advised high-ranking Virginia politicians on school strategy, reasoned, “Negroes could be let in [to white schools] and then chased out by setting high academic standards they could not maintain, by hazing if necessary, by economic pressures in some cases, etc. This should leave few Negroes in the white schools. The federal courts can easily force Negroes into our white schools, but they can’t possibly administer them and listen to the merits of thousands of bellyaches.” (Mays vastly underestimated the determination of individual black families and federal officials.)…”
“The driving assumption for the pro-charter side, of course, is that market competition in education will be like that for toothpaste — providing an array of appealing options. But education, like healthcare, is not a typical consumer market. Providers in these fields have a disincentive to accept or retain “clients” who require intensive interventions to maintain desired outcomes—in the case of education, high standardized test scores that will allow charters to stay in business. The result? A segmented marketplace in which providers compete for the “good risks,” while the undesirables get triage. By design, markets produce winners, losers and unintended or hidden consequences.
“Charter school operators (like health insurers who exclude potentially costly applicants) have developed methods to screen out applicants who are likely to depress overall test scores. Sifting mechanisms may include interviews with parents (since parents of low-performing students are less likely to show up for the interview), essays by students, letters of recommendation and scrutiny of attendance records. Low-achieving students enrolled in charters can, for example, be recommended for special education programs that the school lacks, thus forcing their transfer to a traditional public school. (More brazenly, some schools have experienced, and perhaps even encouraged, rampant cheating on standardized tests.)
“Operators have clear motives to avoid students who require special services (i.e., English-language learners, “special needs” children and so on) and those who are unlikely to produce the high achievement test scores that form the basis of school evaluations. Whether intended or otherwise, these sifting mechanisms have the ultimate effect of reinscribing racial and economic segregation among the students they educate — as the research on this topic is increasingly bearing out.”
 

NJ Charter Group Files Ethics Complaint Against Critic

The Néw Jersey Charter School Association filed an ethics complaint against Rutgers professor Julia Sass Rubin, because she identified herself as a Rutgers professor when speaking and writing critically about charter schools. She and doctoral student Mark Weber published a research paper about the demographics and test scores of charters. She has been an active member of Save Our Schools Néw Jersey. The charter association claims that she should not acknowledge her professional identity when writing or speaking. This would be laughable were it not an effort to intimidate her.
Here are the remedies the NJCSA seeks from the NJ State Ethics Commission:
“• In the event of any further installments of her study with Mr. Weber, or any future Rutgers work product concerning issues of education policy, that she be ordered to include appropriate disclaimers upon its release, and secure review and approval of the appropriate Rutgers officials prior to releasing same publicly;
• When making public appearances, Dr. Rubin be ordered to not use her Rutgers title in any capacity, and if her title is raised that she clearly state that her positions are hers alone and not those of Rutgers or any of its academic units;
• Direction to either adhere to Rutgers policies regarding outside activities or withdraw from her involvement in outside organizations including SOSNJ.”
Just for the record, I usually identify myself as a Research Professor of Education at Néw York University when I write opinion pieces, blog, give testimony before legislative bodies, or lecture in public. No one has ever said it was unethical to do so.
Here is Peter Greene on the subject.
He writes:
“NJCSA has tried to attack Rubin professionally by bringing ethics charges against her. Her alleged unethical behavior is, as near as I can tell:
1) Saying things that the NJCSA doesn’t like
2) Telling people what her job is when she speaks.
“The complaint seriously seeks the remedy of having Rubin stop identifying herself as a Rutgers professor when she says these things that make the NJ Charter operators look like lying liars who lie.”
Greene adds:
“I can understand their confusion to a point. It is, of course, standard operating procedure in the reformster world to NOT identify who you actually work for, get money from, or otherwise are affiliated with. It’s SOP to put out a slick “report” without actually explaining why anyone should believe you know what you’re talking about, but Rubin and Weber go ahead and list their actual credentials. Apparently NJCSA’s argument is that it’s unethical to let people know why your work is credible.”
Professor Rubin posted the following on her Facebook page:
“The NJ Charter School Association filed an ethics complaint against me on Monday with the NJ State Ethics Commission, claiming that I was violating Rutgers policies on lobbying by identifying myself as a Rutgers Professor when I wrote editorials or spoke in public meetings and articulated a position consistent with that of Save Our Schools NJ.
“Their complaint is not only completely devoid of substance, it also demonstrated very unethical behavior by the NJ Charter School Association as the complaint distorts the Rutgers Lobbying and Advocacy Policy, including actually editing parts of that policy to change its meaning and omitting the list of communications that are expressly not considered lobbying. Of course, every example of my writing or testimony that they categorized as “lobbying” [editorials, speaking at public events, etc.,] was actually on the list of communications that do not constitute lobbying.
“Aside from demonstrating the NJ Charter School Association’s stunning lack of morality, this also is a chilling attack on personal and academic freedoms. If Professors of Public Policy are not allowed to testify or write editorials that displease well-funded constituents, we are truly in trouble as a country.”
Here is Marie Corfield’s hilarious commentary. She includes an excerpt from Bob Braun’s Facebook comments, where he reveals how few educators are on the board of NJCSA.
Star Ledger coverage:http://www.nj.com/education/2015/01/charter_schools_association_files_ethics_complaint_against_rutgers_professor_sosnj_founder.html#comments
Philadelphia Inquirer  http://www.philly.com/philly/news/new_jersey/287983381.html

How My Mom Got Hacked NYT a bad bait article by alina simone

Operation Global 3 Ransomware File Decryption

https://www.youtube.com/watch?v=1M5IEW5_Ydw&feature=youtu.be
PATCH
http://news.softpedia.com/news/Decryption-Tool-Available-for-Crypto-Malware-Operation-Global-III-467052.shtml

 

A bad bait article by  alina simone

“CryptoWall 2.0 is the latest immunoresistant strain of a larger body of viruses known as ransomware. The virus is thought to infiltrate your computer when you click on a legitimate-looking attachment or through existing malware lurking on your hard drive, and once unleashed it instantly encrypts all your files, barring access to a single photo or tax receipt.” CryptoWall is a variant of an earlier virus called CryptoLocker. CryptoLocker hackers cleared around $30 million in 100 days in 2013.

All Bitcoin owners can be traced!
Bitcoin A.T.Ms are available to anyone. It as easy to buy Bitcoin as it is to buy a soda from a vending machine. All users have to do is scan the QR code — a two-dimensional type of bar code — for an existing Bitcoin wallet and insert cash. No contact is necessary with Bitcoin exchanges, which often have long account verification processes and expensive money transfer requirements.
“the CryptoWall hackers take only Bitcoins”
CryptoWall had anointed coincafe as one of their Bitcoin providers of choice, with praise for their “fast, simple service.” https://coincafe.com/