Jonathon_Payne
The fact that you have to apply and the FAA may consider it based off of some vague notion of “security reasons” tells you everything you need to know. Rights for me but none for thee.
The fact that you have to apply and the FAA may consider it based off of some vague notion of “security reasons” tells you everything you need to know. Rights for me but none for thee.
Publishing pilot home addresses and their medical information SHOULD already be illegal under HIPPA.
2 replies
Your car registration is more private in every state than your FAA reg. The key question, is there a public benefit from having your information available to anyone and everyone?
If anything, if I were a crook who wanted to target someone with assets, I’d hang out at the local airport and write down N-numbers, and go to the FAA website for the owner information. To get that info from a luxury car owner, I would have to follow them around until they drove home. Much harder. Thanks, FAA.
HIPPA protect the privacy and security of patient health information, ensuring individuals have control over their medical data. I never gave consent that the FAA database publish my medical state or physical limitations (must wear eyeglasses, etc). It’s none of anyone’s business outside of the agency.
2 replies
The article is about aircraft registration data, not pilot medical data. Aircraft registration data (which in this case includes name and address) is not medical data and thus does not fall under HIPPA.
Though as I said, I do agree it should be private. It’s just that in this case, HIPPA doesn’t have any say over this particular dataset.
HIPAA (not HIPPA) stands for “Health Insurance Portability and Accountability Act”. It applies to the health care industry (providers, hospitals, insurance companies, etc.)
From my understanding, it does not apply to the FAA listing your medical limitations on a public-facing web-site.
While I agree with your privacy demands, HIPAA is not the tool to attain them. This site covers who is and is not required to follow HIPAA rules regarding patient information:
https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html
Some examples of who does not have to follow HIPAA rules:
Examples of organizations that do not have to follow the Privacy and Security Rules include:
PS - I think the FAA should make such data visibility an “opt-in” setting, i.e. by default it’s blocked and you have to “opt in” to making it publicly available.
There are roadblocks to actually getting your personal information removed. I am on the fence trying to decide if this is typical incompetent government project management and tech work, or made purposefully difficult because Congress is forcing them to act through an appropriation bill.
Instead of a simple form with a checkbox “Remove my PII” (after logging in to the CARES system and proving your identity), you are required to upload a “PDF”.