My wife's doctor's office recently "web enabled" her on a patient portal website that apparently stores all of her medical information on it. They did so without her permission (written, verbal, or otherwise), and she was told that it is all ready for her if she chooses to use it. I have a feeling this holds true for all their patients.
I have a BIG problem with them not asking permission, or having us go through an account creation process where we agree to terms and conditions and privacy policies.
What if the wrong person gets emailed another person's credentials, what if someone hacks the system, etc. ?
Also, it is a publicly accessible website with low-grade security measures in place.
What can we do to get her "disabled?"
Sign up to receive a 3-part series of useful information and advice about personal injury law.