Post
Here's a policy I'd like to see included in a comprehensive digital-age privacy protection bill;
If a company stores people's personal information, they must supply;
* a single-click way to delete an account and all its data
* a phone number those people can call and get immediate assistance, or failing that, an automated callback
* an address those people can email and get a response within 48 hours. In case they want to have a written record of their interaction with the company
A couple of months back, I evaluated the privacy policy of ManageMyHealth.co.nz (MMH);
https://mastodon.nzoss.nz/@strypey/114862089185059650
TL;DR Nuke it from orbit, it's the only way to be sure.
Since then, I've been getting nagmails from MMH trying to get me to use their platform. Today I tried figure out how to get this spam to stop.
(1/?)
Clicking on the opt-out link takes me to a page where I'm expected to;
* run Javascript from 3 Goggle and 2 Cloudflare domains
* enter my email address
* prove I'm a human
But even after doing all that, I get a pop-up with an error message.
(2/?)
I was already sceptical about this platform's respect for privacy. But even if I wasn't, the above doesn't exactly fill me with confidence in their technical chops, or their ability to protect my most sensitive personal data.
(3/?)
I still want the nagmail to stop, and I'm happy to file a bug report. So I went to their support portal. No sign of an email address or a phone number, so I clicked on the "get in touch" button under;
"I am an Individual / Patient"
https://managemyhealth.co.nz/support/
That takes me to the this page;
https://app.managemyhealth.co.nz/patient-support
Where to get support, I have to enter my first and last name, email address, and date of birth 🤦♂️
If what these cowboys are doing is legal, the law needs an update.
(4/4)
Here's another example of the lack of digital sovereignty in our public health system. A survey about a recent experience at the local hospital's A+E department.
Not only is this survey system clearly not being run by the boffins at Te Whatu Ora, it's not even being served from a subdomain of tewhatuora.govt.nz. But from forms.office.com, a domain controlled by the original US technofeudalists, BorgSoft.
(1/2)
A space for Bonfire maintainers and contributors to communicate
