Zero privacy in healthcare.gov. It's in the source code.
-
I just saw a short video segment of the House of Representatives hearing into concerns for the privacy healthcare.gov In it, there's a comment in the code that states that you have no reasonable expectation of privacy - a statement that is in direct contravention of HIPA. A representative of the contractor has admitted knowledge of its inclusion in the source, yet claims that the responsibility for it lies elsewhere, which it may or may not in a legal sense. But my question is: If the programmer that inserted it knew it was at odds to HIPA, should they also themselves be held to account?
-
I just saw a short video segment of the House of Representatives hearing into concerns for the privacy healthcare.gov In it, there's a comment in the code that states that you have no reasonable expectation of privacy - a statement that is in direct contravention of HIPA. A representative of the contractor has admitted knowledge of its inclusion in the source, yet claims that the responsibility for it lies elsewhere, which it may or may not in a legal sense. But my question is: If the programmer that inserted it knew it was at odds to HIPA, should they also themselves be held to account?
I think the company that did healthcare.gov should be held accountable for this entire mess.
What do you get when you cross a joke with a rhetorical question?
-
I just saw a short video segment of the House of Representatives hearing into concerns for the privacy healthcare.gov In it, there's a comment in the code that states that you have no reasonable expectation of privacy - a statement that is in direct contravention of HIPA. A representative of the contractor has admitted knowledge of its inclusion in the source, yet claims that the responsibility for it lies elsewhere, which it may or may not in a legal sense. But my question is: If the programmer that inserted it knew it was at odds to HIPA, should they also themselves be held to account?
enhzflep wrote:
should they also themselves be held to account
This, taken to extremes, leads to the Nuremberg trials. Should a grunt (programmer) be responsible for executing decisions taken by his superiors (managers/designer/business).
Never underestimate the power of human stupidity RAH
-
enhzflep wrote:
should they also themselves be held to account
This, taken to extremes, leads to the Nuremberg trials. Should a grunt (programmer) be responsible for executing decisions taken by his superiors (managers/designer/business).
Never underestimate the power of human stupidity RAH
-
Indeed, that was precisely the comparison I'd hoped to elicit in people's mind. There's no threat of death to the public or the employees concerned, which in my mind, makes it a question of morals.
Personally I think the programmer has done precisely the correct thing, implemented the requirement and left a comment pointing out it's inadequacies. I know I would sack a programmer that refused to implement such a requirement bit I would expect the comment to appear in the doco and kudos to the programmer. I would also want the guy to be a little more explicit about the details as to why the requirement is inadequate, I know simply saying it does not work annoys the shit out of me I imagine it does those further up the food chain.
Never underestimate the power of human stupidity RAH
-
I just saw a short video segment of the House of Representatives hearing into concerns for the privacy healthcare.gov In it, there's a comment in the code that states that you have no reasonable expectation of privacy - a statement that is in direct contravention of HIPA. A representative of the contractor has admitted knowledge of its inclusion in the source, yet claims that the responsibility for it lies elsewhere, which it may or may not in a legal sense. But my question is: If the programmer that inserted it knew it was at odds to HIPA, should they also themselves be held to account?
-
Personally I think the programmer has done precisely the correct thing, implemented the requirement and left a comment pointing out it's inadequacies. I know I would sack a programmer that refused to implement such a requirement bit I would expect the comment to appear in the doco and kudos to the programmer. I would also want the guy to be a little more explicit about the details as to why the requirement is inadequate, I know simply saying it does not work annoys the shit out of me I imagine it does those further up the food chain.
Never underestimate the power of human stupidity RAH
Mycroft Holmes wrote:
Personally I think the programmer has done precisely the correct thing
That was my take on it as well. Kudo's to the programmer for recognizing the situation and doing what they can to expose it. After all, the Gov't is still trying to gut the last big whistle blower.... Ken
-
I just saw a short video segment of the House of Representatives hearing into concerns for the privacy healthcare.gov In it, there's a comment in the code that states that you have no reasonable expectation of privacy - a statement that is in direct contravention of HIPA. A representative of the contractor has admitted knowledge of its inclusion in the source, yet claims that the responsibility for it lies elsewhere, which it may or may not in a legal sense. But my question is: If the programmer that inserted it knew it was at odds to HIPA, should they also themselves be held to account?
It is the government. They can do whatever they want. Look at the IRS giving bonuses to employees that own the IRS.
