Breach of Confidentiality
Jump to navigation
Jump to search
Breach of Confidentiality is a form of DISSEMINATION privacy harm under the Solove taxonomy. Breach of Confidentiality is defined as "breaking a promise to keep a person's information confidential."
- A doctor revealing patient information to friends on a social media website.[1]
Additional comments
Occurrences
- AccuWeather App Stealing Location Data (August 2017)
- Amazon heavily fined for invasion of privacy and insecurity (1 June 2023)
- Amazon to Pay $25 Million to Settle Children’s Privacy Charges (May 2023)
- Apps Sending Personal Information to Facebook (December 2018)
- Attorney-Client Calls by Jails (July 2020)
- Brave Browser Affiliate Referral Scheme (June 2020)
- CVS, Kroger, and Rite Aid Disclose Patient Prescriptions Without a Warrant (15 December 2023)
- California hits Google for $93M over deceptive location data options (14 September 2023)
- China's Massive Data Breach Reveals Growing Concerns Over Surveillance State (15 July 2022)
- Chrome Collects User Data Regardless of Consent
- Chrome's Wipe Private Data Feature (October 2020)
- Company Executives Read Employee’s Therapy Chat to the Team (December 2016)
- Content Written On Amazon Package
- Controversy Surrounding Brave Browser's Autocompleting URLs with Affiliate Links (June 2020)
- Dating Apps User Information Leaked Online (June 2020)
- Disappearance of British woman: Privacy Concerns and Police Transparency (27 January 2023)
- F.B.I. Says Video Voyeur Hid Camera in Cruise Ship Bathroom (April 30 JL)
- F.T.C. Study Finds ‘Vast Surveillance’ of Social Media Users
- FTC Reaches First Settlement with X-Mode Social Banning Location Data Tracking (January 2024)
- Face Search Engine PimEyes Blocks Searches of Children’s Faces (October 2023)
- Facebook Allowed Third Parties Read Users’ Messages (December 2019)
- Facebook Facial Recognition (2015)
- Feds settle with St. Joseph's over alleged HIPAA violation (22 November 2023)
- GEDmatch Giving Access to Genetic Data to the Police (November 2019)
- Google Collects Firebase Data (2020)
- Google Faces $5 Billion Lawsuit For Collecting User Data In Incognito Mode (2 June 2020)
- Google workers demand abortion protections and stronger data privacy (August 2022)
- Hunter Biden Sues IRS Over Privacy Violations (September 2023)
- Information About Adopting Parents Shared With Birth Parents (2016)
- Judge advances lawsuit claiming Meta pixel tracking on hospital websites violated HIPAA (7 September 2023)
- Kid Security: Parental Control App (September 2023)
- Malicious Android App Records Users Without Consent (24 May 2023)
- Manasa Health Center Violates HIPAA By Responding To Google Reviews (5 June 2023)
- Meta Pixels found in Health Systems across America tied to the breach of sensitive medical information of over 3,000,000 people. (October 2022)
- Meta sued for collecting sensitive information on North Carolina DMV website (15 September 2023)
- Motel 6 Provided ICE with Guest Data (April 2019)
- National Labor Relations Board (NLRB) General Counsel Issues Memo on Unlawful Electronic Surveillance and Automated Management Practices (31 October 2022)
- Nothing Chats Privacy Issues (November 2023)
- Ontario Police Used COVID-19 Database Illegally (September 2020)
- People’s Actual Info Used in Training Videos for Employees (July 2020)
- Premom Share User Information With Chinese Firms (August 2020)
- Privacy Concerns and Legal Action: New Jersey's Handling of Newborn Blood Samples Faces Lawsuit (2 November 2023)
- Privacy Concerns over Transgender Sports Case (7 December 2023)
- Ring's Privacy Failures - Spying and Harassing Through Home Cameras (May 2023)
- Roomba testers feel misled after intimate images ended up on Facebook
- Secret Sharing App Whisper (October 2014)
- Sephora (August 2022)
- Strava App Automatically Tags People Who Run Nearby (September 2020)
- Students Health Records Shared With Parents (October 2015)
- Torrent Website Shares User Data with Anti Piracy Law Firm (August 2020)
Laws and Regulations
The following laws and regulations address the Breach of Confidentiality harm.
- (410 ILCS § 50/). Medical Patient Rights Act. (United States, Illinois)
- (410 ILCS § 513/). Genetic Information Privacy Act (United States, Illinois)
- 10 U.S.C. §1102 (United States)
- 30-17-2635 Rule 10.4. Release of Patient Records to Patient. (United States, Mississippi)
- 42 CFR Subpart F (United States)
- 42 U.S.C. Subchapter VII (United States)
- AL SB 301 (United States, Alabama)
- AZ. SB 1297. Genetic testing information; Confidentiality; Exceptions. (United States, Arizona)
- CH. 5.1. Human Research. (United States, Virginia)
- CH. 90. Medical Records. (United States, North Carolina)
- CH. 93. Privacy of Genetic Information. (United States, South Carolina)
- Clinical Laboratory Improvement Amendments (United States)
- Communications Act of 1934 (United States)
- Confidential Information Protection and Statistical Efficiency Act of 2002 (United States)
- Dand/test (United States)
- FL XLVI. Crimes § 784.049. Sexual cyberharassment (United States, Florida)
- Family Educational Rights and Privacy Act (United States)
- Federal Policy for the Protection Human Subjects (United States)
- Federal Trade Commission Act (United States)
- GEN § 899-AA. Notification; person without valid authorization has acquired private information. (United States, New York)
- Gramm Leach Bliley Act (United States)
- ILL. SB 1307. The Genetic Information Privacy Act. (United States, Illinois)
- Internet Security and Privacy Act (United States, New York)
- MA. BH. 1900. Ensuring patient privacy and control with regard to health information exchanges. (United States, Massachusetts)
- Medical Records Access Act. (United States, Michigan)
- NY GBS § 399-DDD Confidentiality of Social Security Account Number (United States, New York)
- NY. S5575B Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) (United States, New York)
- Personal Data Protection Law (KVKK) (Turkey)
- Privacy Act of 1974 (United States)
- Privacy Protection Act of 1980 (United States)
- SC. SB 1224. Michelle's Law. (United States, South Carolina)
- Telecommunications Act of 1996 (United States)
- Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001 (United States)
- §1206C. Privacy of information regarding book service users. (United States, Delaware)
- §144.293. Release or Disclosure of Health Records. (United States, Minnesota)
- §16-39-2. Release of Mental Health Records to Patient and Authorized Persons. (United States, Indiana)
- §1711. Patient access to hospital medical records. (United States, Maine)
- §17:3914. Student information; privacy; legislative intent; definitions; prohibitions; parental access; penalties. (United States, Louisiana)
- §191.277. Medical records to be released to patient, when, exception—fee permitted, amount—liability of provider limited—annual handling fee adjustment—disclosure of deceased patient records. (United States, Missouri)
- §205.498. Provider of Internet service required to keep certain information concerning subscribers confidential; notice required to be provided to subscribers. (United States, Nevada)
- §23-12-14. Copies of medical records and medical bills. (United States, North Dakota)
- §25-5-339. Confidentiality of information. (United States, Alabama)
- §26.1-36-12.4. Confidentiality of medical information. (United States, North Dakota)
- §304.12-085. Denial of insurance because of race, color, religion, national origin, or sex prohibited -- Genetic tests. (United States, Kentucky)
- §31-33-1—§31-33-8. Health Records. (United States, Georgia)
- §33-54-3. Purpose of testing; consent required; confidential and privileged information. (United States, Georgia)
- §375.1300-§375.1309. Business and Financial Institutions. (United States, Missouri)
- §41-119-13. Ensure that patient specific health information be disclosed only in accordance with the provisions of the Health Insurance Portability and Accountability Act of 1996. (United States, Mississippi)
- §420-5-7-.05. Patient Rights. (United States, Alabama)
- §427A.872. Division to adopt regulations prescribing statewide standard for measuring outcomes and assessing and evaluating certain young persons with autism spectrum disorders; reports to Division. (United States, Nebraska)