Senator Markey just issued a staff report outlining the problems with sending American data to foreign countries. Here are a couple of clips.

 Americans would not travel to a country without first inoculating themselves against foreign diseases. Why then would Americans want their data going to a foreign country without the proper privacy protections? In the absence of such proper privacy protections, outsourcing sensitive data jeopardizes <?xml:namespace prefix = st1 />U.S. confidence in information outsourcing.

In 2001, Indian workers at Ohio-based Heartland Information Services, threatened to release confidential medical records online unless they received a cash payment from the company.

In 2003, a Pakistani medical transcriber, subcontracting with the University of California at San Francisco (UCSF) medical center, threatened to do the same. Neither India nor Pakistan has national data privacy laws compelling companies to implement basic data privacy safeguards. Indeed, of the 19 countries and one region to whom American companies predominantly offshore, thirteen offer less data privacy to consumers than the United States.

You can read the whole report here. http://www.house.gov/markey/Issues/iss_privacy_rep050914.pdf