Has it occured to anyone that the raw material for this product is being given to the foreign companies against the wishes of the American people? These records belong to the American people and they should not be exported outside our borders to be manipulated by outsiders and resold back to us.

Some legislators have taken notice of this and are trying to bring legislation to prevent the export of our records. Representattive Markey has been one at the forefront in this. While I am not usually a fan of Democrats, Rep. Markey seems to be right on track with the wishes of the citizens. The issue is privacy and security but these two issues may be sufficient to bring our records home.

OUTSOURCING PRIVACY:

Countries Processing "Numbers, Health Information, Tax Records Lack Fundamental Privacy Safeguards

Introduction

The New York Times recently suggested that 2005 might be viewed historically as “the year of the consumer privacy breach ”1 in recognition of the more than 50 million American consumers who have seen their personal information lost, stolen or sold to thieves by third parties. But this may only be the early tip of the iceberg of a problem that is going global. The telecommunications revolution now makes it possible to process <?xml:namespace prefix = st1 /><?xml:namespace prefix = st1 /><?xml:namespace prefix = st1 />U.S. data, read U.S.x-rays, or answer U.S. consumer complaints from low-wage foreign countries where privacy protections are weak or non-existent. This report reviews the relative strength of the privacy regimes in countries to which U.S.-based companies are now turning to maximize profits in a competitive global economy. It asks whether what is good for profits<?xml:namespace prefix = o />

is also good for privacy. Americans would not travel to a country without first inoculating themselves against foreign diseases. Why then would Americans want their data going to a foreign country without the proper privacy protections? In the absence of such proper privacy protections, outsourcing sensitive data jeopardizes U.S. confidence in information

outsourcing. unauthorized access, and misuse.

In 2001, Indian workers at Ohio-based Heartland Information Services, threatened to release confidential medical records online unless they received a cash payment from the company.

In 2003, a Pakistani medical transcriber, subcontracting with the University of California at San Francisco (UCSF) medical center, threatened to do the same. Neither India nor Pakistan has national data privacy laws compelling companies to implement basic data privacy safeguards. Indeed, of the 19 countries and one region to whom American companies predominantly offshore, thirteen offer less data privacy to consumers than the

United States.

Rep. Edward J. Markey, a senior Member of the House Energy and Commerce Committee and the Co-Chair of the Congressional Privacy Caucus, recently released a report assessing the privacy risks for Americans when their data is outsourced to other countries. The report ranked the countries based on eight principles of legal protections taken from the European Union's Data Privacy Directive, including security, enforcement and notification. “The report found that 14 of the 20 countries profiled have privacy regimes that are weaker than that of the U.S.