schwit1 writes "HHS is already spinning the launch of its federal health insurance exchange this October. The beta version released a few months ago will, unless delayed and fixed, inflict on the public the most widespread violation of the Privacy Act in our history. The beta portal permits anyone to change the health insurance records of anyone else.
The OMB has ordered agencies to ignore the Privacy Act by invoking an absurdly broad interpretation of the Privacy Act's "routine use" exemption. The Privacy Act is a general prohibition, subject to narrow exceptions, on disclosure of records between agencies or to the public. The "routine use" exception allows disclosure when the use of a record is "for a purpose which is compatible with the purpose for which it is collected." Privacy being essential to patient care, it is impossible to justify a "routine use" exception for a system knowingly built in a way that will permit disclosure of intimate health care data."
Link to Original Source