“Healthcare.gov never collects information for commercial marketing or any purpose unrelated to our mission and goals.”
If this is the case, then why are they using code from Facebook, Google and Twitter? Are we going to consult Zuckerberg every time I need a flu shot or something? This makes no sense.
They claim that they only collect the following information:
- Domain from which you access the Internet
- IP address (an IP or internet protocol address is a number that is automatically given to a computer connected to the Web)
- Operating system on your computer and information about the browser you used when visiting the site
- Date and time of your visit
- Pages you visited
- Address of the website that connected you to HealthCare.gov (such as google.com or bing.com)
Further, they claim that:
The HealthCare.gov staff analyzes and reports on the collected data from these tools. The reports are available only to HealthCare.gov managers, members of the HealthCare.gov communications and Web teams, and other designated staff who need this information to perform their duties.
Is Facebook on their staff? I doubt it. They go on…
HealthCare.gov keeps the data from our measurement tools as long as needed to support the mission of the website.
They go on with a little bit about cookies and opting out of cookies, which I don’t think is important.
Then they say:
… we will safeguard the information you provide in accordance with the Privacy Act of 1974, as amended (5 U.S.C. Section 552a).
I wonder if giving our information to social networks and getting information from social networks is in accordance with the privacy act of 1974. Judging by the date on the law, I bet it probably is, because there was no internet in 1974.
The meat of the matter is addressed in the following section:
How HealthCare.gov uses third-party websites and applications
As a response to OMB Memo M-10-06, Open Government Directive, HealthCare.gov uses a variety of technologies and social media services to communicate and interact with citizens. These third-party website and application (TPWA) tools include popular social networking and media sites, open source software communities, and more. Examples include Facebook, Twitter, and YouTube.
TPWAs are not exclusively operated or controlled by HealthCare.gov. Users of TPWAs often share information with the general public, user community, and/or the third party operating the website. These actors may use this information in a variety of ways. TPWAs could cause PII to become available or accessible to HealthCare.gov and the public, regardless of whether the information is explicitly asked for or collected by us.
HealthCare.gov sometimes collects and uses your PII if you made it available through third-party websites. However, we do not share PII made available through third-party websites. Your activity on the third-party websites we use is governed by the security and privacy policies of those sites. You should review the third-party privacy policies before using the sites and ensure that you understand how your information may be used.
As you can see, Healthcare.gov explicitly admits to sharing information with social networking sites and, “collects and uses your [Personally Identifying Information] if you made it available through third-party web sites.” This means that information is travelling both ways. Facebook finds out about your health insurance and health insurance finds out about your facebook.
I find this absolutely unacceptable, and I intend to contact my congressman about it.
If you want to contact congress about this but do not know who to email or write to then use the house.gov site to locate your congressman, senate.gov to find your senator and whitehouse.gov to contact the president. Tell them that you are concerned about this breach of privacy and that you want it fixed immediately.