OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Dataloss] Taiwanese Gov Workers Breach HIV Privacy Law

From: Christine Fulgham (christineopensecurityfoundation.org)
Date: Tue Nov 09 2010 - 21:13:43 CST


http://hivplusmag.com/NewsStory.asp?id=22057&sd=11/08/2010

An HIV/AIDS advocacy group has condemned Taiwanese government workers after
several of them shared private information about the HIV statuses of
citizens drafted into the military.

After government officials alerted the parents of a man who was drafted that
he was HIV-positive, his father kicked him out of the house, Chang
Cheng-hsueh of Persons with HIV/AIDS Rights Advocacy Association of Taiwan
told the Central News Agency. A letter containing the information about the
man, who goes by the name Hsiao Pan, was accompanied by implicit
instructions to keep the information confidential. However, officials
ignored the instructions, and relayed the information to Hsiao Pan's father.
In another incident, a conscription exemption form that was supposed to be
delivered to another man, Hsiao Mi, was instead delivered to his home, where
his mother read on the form that her son is HIV-positive.

The HIV Infection Control and Patient Rights Protection Act bars medical
workers, or anyone with access to medical records, from disclosing such
information. Violators can be punished with fines up to $150,000 (or
approximately US$4,965).

The Ministry of the Interior said it will conduct an internal investigation
to learn more about the breaches of privacy. Exempt draftees are now
instructed to pick up their exemption notification in-person. Chang said one
worker believes "parents have the right to know about the health of their
children."

Both Hsiao Pan and Hsiao Mi have received apologies from the government
employees who revealed their HIV statuses.

_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/