The number of identity-theft victims in the U.S. jumped 12 percent to 11.1 million in 2009, according to research company Javelin Strategy & Research. Fraud cases reported to the Internet Crime Complaint Center, which is partly run by the Federal Bureau of Investigation, climbed 23 percent to 336,655 last year.

Information that people inadvertently make public on sites like Facebook plays a role. So too do the sort of technical exploits demonstrated by the group that recently exposed a flaw in AT&T Inc.’s (T) website.

But in many cases, finding social-security and credit-card numbers or medical records on the Internet doesn’t require computer expertise. Instead, such information is accessible to anyone who knows where to look.

Read the rest of this post on the original site

People familiar with the matter tell Bloomberg that Apple’s handling of the matter remains under scrutiny and that company directors Art Levinson and Bill Campbell had been briefed by Jobs’s doctors on his medical condition at the time of the January disclosures, but little else.

Now, the path from “Steve is suffering from a common bug” to “a hormone imbalance has been robbing Steve of the proteins his body needs to be healthy” to “Steve has undergone a liver transplant” is obviously something of an eyebrow-raiser. But whether it was material to Apple’s business and therefore required disclosure isn’t clear. After all, Apple (AAPL) did just fine while Jobs was on sabbatical; the debut of new Macs, iPods and iPhones is testament to that. Beyond that, there’s this: Apple’s stock posted a 59 percent gain while he was away.

“The issue is not going to be whether they needed to disclose the medical records,” James Cox, a securities law professor at Duke University, told Bloomberg. “It’s going to be whether they monitored the disclosures about his health, in relation to investor expectations that Apple would continue to be led by Steven Jobs….[Apple] did fine. Do you need to say more than, ‘Our CEO has health problems and he’s out on leave?’ The question I think the SEC is looking at is whether it’s material.”

People familiar with the matter tell Bloomberg that Apple’s handling of the matter remains under scrutiny and that company directors Art Levinson and Bill Campbell had been briefed by Jobs’s doctors on his medical condition at the time of the January disclosures, but little else.

Now, the path from “Steve is suffering from a common bug” to “a hormone imbalance has been robbing Steve of the proteins his body needs to be healthy” to “Steve has undergone a liver transplant” is obviously something of an eyebrow-raiser. But whether it was material to Apple’s business and therefore required disclosure isn’t clear. After all, Apple (AAPL) did just fine while Jobs was on sabbatical; the debut of new Macs, iPods and iPhones is testament to that. Beyond that, there’s this: Apple’s stock posted a 59 percent gain while he was away.

“The issue is not going to be whether they needed to disclose the medical records,” James Cox, a securities law professor at Duke University, told Bloomberg. “It’s going to be whether they monitored the disclosures about his health, in relation to investor expectations that Apple would continue to be led by Steven Jobs….[Apple] did fine. Do you need to say more than, ‘Our CEO has health problems and he’s out on leave?’ The question I think the SEC is looking at is whether it’s material.”

Today the search sovereign announced a pilot program with the Cleveland Clinic that will enable the health-care organization’s patients to store their health records in their Google Accounts. The clinic plans to enroll up to 10,000 patients in the program, which will allow them to securely port their medical records to their Google profiles, where they can be more easily managed and shared with doctors, labs and the like.

Of course, by making such records easier to share with medical providers, Google may be making them easier to “share” with less well-intentioned entities. Health insurance carriers. Potential employers. Online marketers. The government.

Google, too.

As the World Privacy Forum pointed out yesterday, companies like Google are not governed by the Health Insurance Portability and Accountability Act or HIPAA. “Don’t assume your medical records are protected no matter where they are: HIPAA privacy protections generally do not follow the health-care files,” the WPF warned. “HIPAA’s protections generally do not ‘travel’ with or follow a medical record that is disclosed to a third party outside the health-care treatment and payment system. … After you have disclosed your health care information to a PHR (Personal Health Records) outside the privacy protections of the health care system (HIPAA), your information can be used or redisclosed by the PHR in ways that would not be permitted for the same information if held by your doctor or health plan. Depending on the applicable privacy policy, health records outside of HIPAA can potentially be bought and sold, shared with merchants, and even disclosed to employers.”

Today the search sovereign announced a pilot program with the Cleveland Clinic that will enable the health-care organization’s patients to store their health records in their Google Accounts. The clinic plans to enroll up to 10,000 patients in the program, which will allow them to securely port their medical records to their Google profiles, where they can be more easily managed and shared with doctors, labs and the like.

Of course, by making such records easier to share with medical providers, Google may be making them easier to “share” with less well-intentioned entities. Health insurance carriers. Potential employers. Online marketers. The government.

Google, too.

As the World Privacy Forum pointed out yesterday, companies like Google are not governed by the Health Insurance Portability and Accountability Act or HIPAA. “Don’t assume your medical records are protected no matter where they are: HIPAA privacy protections generally do not follow the health-care files,” the WPF warned. “HIPAA’s protections generally do not ‘travel’ with or follow a medical record that is disclosed to a third party outside the health-care treatment and payment system. … After you have disclosed your health care information to a PHR (Personal Health Records) outside the privacy protections of the health care system (HIPAA), your information can be used or redisclosed by the PHR in ways that would not be permitted for the same information if held by your doctor or health plan. Depending on the applicable privacy policy, health records outside of HIPAA can potentially be bought and sold, shared with merchants, and even disclosed to employers.”