Porn 101: Website Privacy Policies and Why You Need One

As of July 1, 2004 California Law requires that an operator of a commercial Web site or online service that collects personally identifiable information through the Internet about individual consumers residing in California… shall post its privacy policy conspicuously on its website…Cal. Bus. & Prof. Code 22575-22579.

Besides being legally mandated in California, accurate privacy policies increase consumer confidence and awareness. Some affiliate programs have specific requirements for their affiliate privacy policies. You should be aware of the agreements that you have with any third party and how these agreements impact your privacy policies.

Your privacy policy should be easy to read and accurately reflect the way your business collects and shares information.

Below you will find some questions to consider in developing a privacy policy and clauses that may be found in a privacy policy. There is no one size fits all privacy policy. This document will vary from business to business. A privacy policy is a legal agreement between you and the people who do business with you. You should make sure that the statements made in your privacy policy are a true reflection of the way that you do business.

Your privacy policy should: (1) Be posted in a conspicuous place; (2) Identify the categories of information your company collects from consumers; (3) Describe the categories of third parties who you share your customer information with; (4) If your company allows customers to store and update their personal information, you must post the process in which they do so; (5) Describe how you will notify consumers of any changes in your privacy policy and (6) State an effective date.

Below are some sample paragraphs and clauses that may work for your privacy policy. This is a legal document that should be drafted by legal counsel.

Example of a Preamble:

This Privacy Policy sets forth the policies and practices with respect to information or data that is received or gathered regarding Members (note: do you have members?), visitors and Users of ____________ (hereafter the “Site”) or the services provided by the Site.

CAREFULLY READ THIS PRIVACY POLICY BECAUSE BY YOUR USE OF THIS SITE AND ITS SERVICES YOU WILL BE EXPRESSLY SIGNIFYING THAT YOU AGREE TO THIS POLICY AND THAT YOU ASSENT TO THE TERMS OF THIS AGREEMENT, INCLUDING THE USE OF ANY PERSONAL INFORMATION THAT YOU SUPPLY OR THAT IS COLLECTED ABOUT YOU AS DETAILED IN THIS PRIVACY POLICY.

IF YOU DO NOT EXPRESSLY AGREE WITH ALL OF THE TERMS OF THIS PRIVACY POLICY YOU SHOULD NOT USE THIS SITE OR ITS SERVICES.

Example of the Body of a Privacy Policy (note: these paragraphs or wording contained in them may not be appropriate for your specific business, this is just an example).

1. HOW WE COLLECT MEMBER, VISITOR OR USER INFORMATION

If you visit this Site, we may collect and store in our databases, one or more of the following types of information (ìDataî): your Internet Protocol (IP) address; the name of the domain name from which you access the Internet; the IP address of the Website from which you linked to the Site or our network of sites; browser data; email address data; and the date and time you access our Site and its functions. (Note: this is a relatively thorough list for an average paysite program, but if you collect another kind of information just by someone viewing your site, then you would list that here.)

When a visitor, member, subscriber, or other Site user requests web pages from the Site’s server, clicks on banners or other links or otherwise uses or views the Siteís services, products or other functions, we or our agents may automatically collect some information (“Data”) about the visitor, member, subscriber or user. This information may include the IP address from which the
Site is being accessed, the pages or links that were requested, the special preferences or requests of the user and cookie information received from the computer of the visitor, member, subscriber or user.

Sometimes, we may ask you to provide personal information. Whether or not you provide this personal information is completely optional. This Optional Information may include your name, username, e-mail address, physical address (or part of it such as your zip code), telephone number, gender, marital status, occupation, education and any special interests or affiliations. Additional Optional Information such as a credit card number, expiration date, security code and billing address may be requested for participation in special promotions or offers, or for billing and shipping information.

When a subscriber, member or user of this Site sends any personal communication or correspondence, by any means, to the Site, the Company or any employees, agents or representatives of Company or Site, we may collect and use any and all such information and all other Data regarding that communication.

2. COOKIES

Internet cookies are used for authenticating, tracking and maintaining specific information about users, such as site preferences or shopping cart contents. Most Internet browsers allow the option to enable or disable cookies. You may disable cookies, but this may make portions of this Site unusable. Cookies are simple pieces of data unable to perform any operation by themselves. They are neither spyware nor viruses, despite the detection of cookies from certain sites by many anti-spyware products.

This Site uses cookies to make the browsing experience of our members, subscribers and users more efficient and convenient. Our system will use cookies to remember your web preferences, and to assist us in tracking and targeting the interests, preferences and desires of our Site users to present the most appropriate messages, offers and other communications to our users, and to generally enhance their experience at our Site.

Any and all information about Site visitors, members, subscribers or users collected by the Company, the Site or any agents or affiliates of Company or Site, through the use of cookies or other similar means may be included in our database and used in a manner consistent with this Privacy Policy.

We want to inform you that third parties such as affiliates and advertisers use cookies on or in association with our Site. We often have no access or control over these cookies. We may also allow third party service providers to deliver special offers or services to Site users and to control the use of their cookies on your computer. We urge you to consult the privacy policies of any third party that you encounter on this Site.

(Note: web beacon technology, otherwise known as Clear GIFs, function similar to cookies, but are different. If you use this technology then you need an additional paragraph about Clear GIFs and)

3. HOW WE USE AND SHARE DATA AND PERSONAL INFORMATION

We use the information described in Sections One (1) and Two (2) for a variety of functions. In addition to using cookies, Data and Optional Information in the ways described above, we use this information to measure the number of visitors to the Site, to measure how traffic is generated and where it comes from; to track the success of our affiliate program and its individual affiliates (with whom this information may be shared); to track the receipt and success of customer newsletters, promotional programs, special offers and advertisements; and to generate and provide our marketing partners, affiliates, licensees, purchasers and successors in interest with accurate statistics on the performance of the Site. We also use cookies, Data and Optional Information to track customer preferences and to adapt our products and services to those preferences.

4. CHANGING YOUR PERSONAL INFORMATION

5. UPDATES AND REVISIONS TO THIS POLICY

This Site reserves the right, in its sole and absolute discretion, to revise, amend, modify or revoke this Privacy Policy at any time and in any manner. Changes to this Privacy Policy will be effective upon the posting of any revision on the Site.

6. EFFECTIVE DATE OF THIS POLICY

This Privacy Policy will become effective on _____________.

Advertisements

Performers, Producers & Escorts: Naked in Public? Register as a Sex Offender!

As part of the ABL’s campaign to educate California voters on Proposition 35 here is a video excerpt from Mr. Francisco Lobaco from the American Civil Liberties Union (ACLU) addressing the California Legislature about his concerns how Prop 35 will infringe upon anonymous free speech on the Internet.

Under Proposition 35, anyone convicted of even a minor crime such as indecent exposure, even decades ago, will now be required to register as a sex offender. And as a register sex offender under Proposition 35, that person will now have to inform law enforcement of any name or alias they use in any online discussion group or social media platform within 24 hours of creating such account.

Failure to do so will be either a felony or misdemeanor – depending on what their underlying crime was which required them to register as a sex offender.

Which means if you are a performer or producer, you have to be very aware of the indecent exposure statutes especially if you produce anything outside in public. Sex/nudity in public can be indecent exposure. If caught you could end up as a registered sex offender and be required to tell the police of every screen name and alias you use on Twitter, Facebook and LinkedIn, FOREVER. If Proposition 35 passes you are going to be treated like a child molester. And according to Mr. Lobaco this might even apply to those that were convicted of or even plead guilty to indecent exposure years ago.

 

Privacy & Porn: Is Free Internet Porn Really Free ?

On May 26, 2012 a new privacy directive for online business, specifically aimed at the use of cookies on websites, went into effect across the European Union. That directive has not been adopted in the United States though. Over the past 5 years there has been a marked increased in the use of cookies by large websites to track surfers as they move across the Internet as well as to collect personal information for advertising purposes. Many feel as though the insertion of cookies onto a surfer’s computer without their consent is a violation of that surfer’s privacy. Others (mostly companies, advertisers and websites) feel as though that cookies enhance a users experience online and make it easier for websites to serve up information and ads that the user would be interested in receiving.

By now you may be asking what is a cookie. A cookie is a small text, flash or HTML5 file that a website can insert into your computer when you visit that website to help keep track of different things, like if you want to stay logged into a website, or your preferences within a website. Cookies are also used for advertising purposes. As a surfer travels across the Internet and clicks on different ads, visits certain sites and searches for different items cookies are there to record and relay this information to different ad servers. Many cookies relay information to are the owners of the websites the surfer is visiting. The website may insert their own cookies to enhance the surfer’s experience on their website. And for the most part without those types of cookies browsing the Internet would be much more difficult. However, there is also what is called third party cookies.

Third party cookies are usually for ad tracking and data mining purposes. Website A will sell third party cookie placement to Advertiser B. Advertiser B wants to track you everywhere you go to serve only certain advertisements to you as you surf. Based on the cookies you pick up along your surfing this will tell Advertiser B what you like to watch, where you live, how much you make, what you do for a living – basically gathering as much personal information as possible. This is where the real money is in advertising – targeted ads. So when you visit Website A they insert a third party cookie onto your computer for Advertiser B to track through an ad server. For this Advertiser B pays Website A a fee. Obviously the more visitors Website A has the more money they will make from Advertiser B. (Please see http://lifehacker.com/5887140/everyones-trying-to-track-what-you-do-on-the-web-heres-how-to-stop-them ). To make real money from this online you need a huge social network like Twitter or Facebook or you need a huge network of sites that surfers visit daily. Individual websites do not have the traffic to monetize this type of advertising.

According to Alan Henry of LifeHacker.com, “If you’re not paying for a service, you’re the product, not the customer.” In the world of free Internet porn, YOU are the product. More specifically your information is the product and its being data mined and tracked. Many are aware of the privacy concerns swirling around social media sites like Facebook. However, no one stops to think that this may also be an issue with your favorite free porn tubesite. Many of the larger porn tubesites have enormous amounts of daily traffic. Millions of people visit these sites collectively each day. Not to mine & track those visitors would be economically shortsighted for those tubesites.

Remember, there is no free lunch. Google hasn’t become of the most powerful companies in the world by supposedly giving away the farm for free. Have you ever once wrote a check or made a credit card payment to Google ? Probably not. If most of their services are free so how do they make money? According to Matthew Yglesias of Slate.com (Please see http://www.slate.com/articles/business/moneybox/2012/03/apple_vs_google_the_war_over_third_party_cookies_.html )

Google is not a charity, but it has built a remarkably successful company by giving products away for free. It’s a minor miracle that the best search engine, the best Web browser, the best email client, the best map software, and the world’s most popular mobile phone operating system are all made by the same company and available to the world free of charge. That’s not corporate beneficence: It’s the fruit of Google’s hunger for data, but it tastes sweet just the same.

Few ever think about the information they are giving to Google to resell each and every time they perform a search, look for an address on Google Maps or use their GMail account but that is exactly what is happening. Almost no one thinks about the information they are providing to their favorite free porn tubesite with each masturbatory session spent surfing through your favorite videos. No one stops and thinks, how can all of this great porn be free just as no one thinks how Google can provide what they do for free.

In the days long ago porn consumers were afraid of going into an adult store for fear they might run into someone they knew. Porn aficionados would lock away there “stash” in a closet or under a bed to keep their contents secret. In the world of Internet porn there is no anonymity. It is very difficult to secretly surf your favorite sites. Every click, every visit, every download is being monitored and tracked somehow. The users of BitTorrent sites are finding out that fact the hard way by being named in copyright lawsuits across the United States. Some estimates indicate that more than 250,000 porn downloaders have been sued in a last couple of years.

So how can you check to see if your favorite free porn tubesite or even paid membership site has third party cookies embedded into it ? That is fairly easy to do. There is a site called CookieCert.com ( http://www.cookiecert.com ). You can search just about any website on CookieCert. As an example I decided to check Playboy.com, one of the best know adult brands in the United States ( http://www.Playboy.com ). According to CookieCert.com, Playboy.com has a cookie score of 1 out of 5 stars. Their verdict is that Playboy.com is a site you should keep away from. Their “cookie audit” revealed that there were 17 permanent first party cookies and 12 third party cookies that were inserted into a test computer when they visit Playboy.com. Of these 12 third party cookies most are from a company called Pointroll.com ( http://www.pointroll.com ). Pointroll is a Gannett Company. You might have heard of Gannett before. You might have actually seen their billboard ads next to a highway. Well, Gannett is also in the online advertising business. From Pointroll’s About Us page;

Founded in May 2000, PointRoll, a Gannett company, has been instrumental in the evolution of digital engagement, pioneering technology including the expandable banner ad, in-banner video, and numerous technologies that enabled marketers to create, deliver and measure display ads as rich and full featured as a microsite without disrupting the user experience. Powering 55% of all rich media campaigns online and serving over 450 billion impressions for more than two-thirds of the Fortune 500 brands, PointRoll delivers results.

According to Pointroll.com, “as the digital landscape evolves, campaigns are becoming less about places and more about people – where to find the right audience and engage them across online, mobile, and other devices and platforms.” As Alan Henry said you are the product. Further, if you believe that Fortune 500 companies will not partner with porn companies you may want to think again.

Now that it is obvious that Playboy.com has third party tracking cookies the question becomes – so what ? Does Playboy.com mention cookies in there Privacy Policy ? Yes they do. Do they mention third party cookies ? No, they do not. Here is their Privacy Policy http://www.playboy.com/privacy-policy. However, in all fairness, legally they do not have to. However, on Playboy’s German based site, Playboy.de, they are required by EU privacy laws to disclose such information. Here is the third party cookie information from Playboy.de ( http://www.playboy.de/ ) which can be found at the very bottom of the footer by clicking on this link Über unsere Werbung ;

Data collection of other service providers in usage-based online advertising

In order to optimize advertising to you based on your user interests, we have allowed these other companies to collect usage data. On the websites of these companies for more data protection information to the respective offer:

As you can see third party cookies and mainstream advertising are now very much part of the acceptable business model of porn in the United States. And while the European Union may have passed a new stringent privacy law we have yet to do so here. You as an American have much less privacy rights online then surfers in most of the other developed countries in the world.

So the next time you are surfing your favorite pornsite or tubesite you may just want to consider who’s watching you as you’re getting off to your favorite adult star. Big brother is watching and he likes porn. Make sure you read the Terms of Service and the Privacy Policy of the adult sites you visit and if that site has a European counterpart – read their Privacy Policy as well. It might surprise you to see who’s cookies are being inserted into your computer.

For more information on third party cookies you can visit http://www.allaboutcookies.org/privacy-concerns/

If you want to remove third party cookies from your computer and prevent them in the future you can visit http://www.allaboutcookies.org/manage-cookies/

Two Degrees of Mr. Marcus by Charity Bangs

The opinions, beliefs and viewpoints expressed by the various contributors on this web site does not necessarily reflect the opinions, beliefs and viewpoints of AdultBizLaw.com and Michael Fattorosi nor should they be considered legal advice.

You may follow Charity Bangs on Twitter at http://www.twitter.com/charitybangs

The Mr. Marcus incident has been one that has impacted us all.  Even if you’ve never met the guy, or performed with him, you probably sat back and thought, hey, I bet I’ve slept with someone, or had close contact  with someone who HAS slept with him.  After all, this is a small group of individuals we like to call our industry, and we all know what happens when you try to find someone that’s beyond six degrees of Kevin Bacon. I’ll bet none of us are more that two degrees away from Mr. Marcus.

Now I’ve been purposely holding off on writing an article on this matter because I find it annoying when people speak about matters to which they don’t have a proper amount of information, and while I have far from ALL the information about this matter, I do feel like I’m now informed enough to form an educated opinion.

Now here are the assumptions I am making based off all the information that’s been put out.

First, Mr Marcus, at some point before TTS started testing for syphilis, did contract it.

Secondly, due to whatever reason, TTS in June, added syphilis to the standard panel, I am throwing out an educated guess here that it had something to do with the outbreak that was starting in europe.

Next, Mr Marcus receives a test that includes a positive syphilis result, now only he knows how much treatment he had leading up to that point, or what his confidential medical advice was, but the simple facts are he received a positive test.

Next, that test is altered so that he can continue to work.

Finally, he is caught, and the finger pointing begins

So here we are, in an industry that has unprotected sex with each other  (for now), and within our group, someone has, or had a STD that they felt they had to hide.  After all, we’re not talking about Chlamydia or  Gonorrhea, we’re talking about syphilis.  The finger pointers have all used this incident to try and push their own agendas, some say it’s Mr.  Marcus’s fault, some say it’s TTS’s fault, some say it’s the producers/directors that he shot with fault, and they’re all right,  there’s enough blame to go, but we’ll get to blame later.

First let’s discuss what we have to lose, our lives.  That was easy, doesn’t get much more dreadful than that right? OUR LIVES!  After all, most of us are two degrees away from Mr. Marcus, and had this been a more deadly STD, or worse, something new, we’d all be caught up in the net right now.  Like tuna about to be pulled up into a boat to die.  Great, now that we all realize we are gambling with, our lives, we can hopefully understand the severity of not specifically THIS incident, but the position we’re all in to be caught up in a much worse incident if we  don’t do something.

So what do we do?  Well that’s an answer that some people would need 100 pages to answer, and here’s the kicker, almost all those answers have an agenda behind them, someone that wants to profit from the answer, someone that wants to gain power from the answer, or someone that wants to control information from the answer.  Guys and gals, please, PLEASE know that those people don’t care about you, they don’t care about me, they only care about increasing whatever it is they want to gain.  And by blindly following any of those bodies you’re only enabling them, and for what, one scene? one sale? one bit of a thought that you’re in their good graces? Is that really worth your life?

Back to what the answer is.  The answer is understanding that your actions, my actions, everyone’s actions impact the entire industry, as we’re all no more than two degrees away from each other.  Because of that, if you want to enter this industry, you need to give up certain rights that were designed for those who do NOT have jobs who impact such a group. You heard me right, giving up rights.  After all, when you join the military, you give up a ton of rights, when you get a job you give up certain rights, hell, even people in positions such as athletes and politicians give up rights as a prerequisite for doing their job. Let’s use a football player as an example.  He goes out to practice one day and gets a horrible headache, he’s then seen by the team doctor.  That doctor then diagnoses the player with some life threatening condition that means he’ll never play football again.  You think the player can just tell the doctor, “Don’t tell the team that, I’ll just keep playing with it”.  No, the doctor must inform the team, and the team then determines, “Hey, this player is not in any medical condition to be playing this sport”.  As much as it sucks, when certain things happen to us, mainly the contraction of STD’s occur, we are in no condition to continue in this industry.  It sucks, yes, but it’s something we need to realize before, or when we enter.

Well, how do we enact this?  Simple, to be considered a performer, you have to waive your right to secrecy when it comes to STD’s.  Now that’s not saying when someone gets a positive test we blast it on twitter, but we can come up with a, probably quite small, notification list, of companies/directors, agents, treatment doctors, and owners that could be notified on a positive result.  Those on the notification list can even be asked to sign some sort of NDA to where they cannot leak this information.  This list is then used to determine who was exposed as a result of this positive test, and how best to notify those exposed.  That’s it, simple, no power struggle, and we get to do, legally, what is most important, notify the exposed talent.

As of now, no one seems to want to give up their rights though, so now we get to blame.  You should see where I’m going with all this, that we are ALL to blame.  We’re all way too greedy with our privacy, and now we’re complaining that someone actually USED that privacy to pull a fast one on us.  Why not blame MM?  Well he is to blame a little, but I’m not going to villainize him, I’m not going to sit here and be under the illusion that everyone else in the industry would stand from the rooftops and notify every partner they’d ever had, and never work again, no, you’re crazy if you think that under the current system, this will never happen again.  Some want to blame TTS.  Well, those are people with something to gain from seeing TTS go the way of the dodo bird because TTS is actually the entity with absolutely NO blame here, and had CET been the testing facility, they would have had no blame either. Mainly because TTS/CET is bound by those rights I spoke of that we need to give away when entering the industry.  Those rights are in most part related to HIPAA.  I don’t have the time nor the energy to explain HIPAA in detail, so just google it guys, you’ll see very quickly that itis ILLEGAL for TTS/CET to share results from an STD test to ANYONE but
MM.  And that is the flaw in the system.  We’re relying on the talent to do the right thing, and in this case and probably many times in the past and future, they didn’t.

In my opinion, all the other details in this matter are irrelevant.  Well maybe not irrelevant, but squabbling about them will not get us any closer to making sure this doesn’t happen again.

So there you are, a relatively short opinion on what is important in this  incident, and what we need to do to prevent it from happening again. Maybe we can all come together because of this incident, or maybe it’ll take a larger, more deadly incident to do that, who knows.

Performer Testing… Is There a Hidden Agenda ?

I hate having to wear my tinfoil hat as one of my Twitter followers pointed out but sometimes it is necessary. Several days ago I posted an article about “Who Should Pay for Performer Testing.” Now I feel compelled to discuss what testing may or may not mean to those who actually control it.

Most industry members see testing as a profitable money making endeavor for whomever controls it. While others believe that those that control the test results can also control the release of information in case of a STI outbreak and might even be able to minimize potential legal liability. Some just see it as a “pissing contest” between several egos.

There is a third potential possibility as well. Many people are now starting to understand that information is worth money. Data mining is a big time business in this world. STI testing results are indeed worth money to the United States government as well as corporations developing new drugs for STIs.

If you follow me on Twitter you might have noticed that on August 9, 2012 I tweeted about how the National Institutes of Health offer grant money to study HIV screening and testing ( http://grants.nih.gov/grants/guide/pa-files/PA-11-118.html ) On Saturday, August 11, 2012, Talent Testing Service announced that they just formed a partnership with University of California, Los Angeles on a sexual health study ( http://business.avn.com/company-news/Talent-Testing-Service-Partners-with-UCLA-on-Sexual-Health-Study-485112.html ).

Performers wanting to receive a $40 gift card and free follow up STI medical care can participate in the study. Which essentially means that UCLA will have the right to their test results and medical care to use as part of their study – in essence a performer waives their right of privacy in so much that the information will could be sold. I am sure this information will be sanitized – meaning names will be removed since UCLA probably doesn’t care about a performer’s name or identifying information – rather UCLA cares about the empirical data – how often one tests, how often one catches an STI, the treatment received for such, how long the treatment lasted and how effective the results of the treatment were. That could be a data goldmine for a drug company trying to develop the next anti-biotic to fight any one of the many STIs on the planet.

How much can a group or organization receive for this type of information ? According to the link I posted to the National Institutes of Health’s grant overview information website, there is no limit. However if you want more than $500,000.00 you have to call the NIH directly. Apparently you cannot just email the application for a grant requests at that level.

I am not saying that Talent Testing Services received the grant themselves, however it does appear that UCLA has indeed received grant money for the study of STIs. The performers present a very unique situation in the world when it comes to STI research. I am going to bet that no where else in the United States does a group of people test for and possibly contract STIs as much as performers do in porn. And now that the testing cycle is being pushed to every 14 days, the amount of information is only going to increase and therefore the potential gold mine of data will increase in value as well.

As I tweeted, “there is gold in them thar HIV tests !”

 

 

Porn, Privacy, HIPAA – Redux

http://www.xbiz.com/articles/124370/fattorosi

In February, the AIDS Healthcare Foundation took their fight against AIM and the adult industry to the authorities of the federal Office for Civil Rights, a federal agency under the U.S. Department of Health and Human Services that enforces HIPAA, the California Office of Health Information Integrity enforcement Unit and Los Angeles County’s Health Facilities Inspection Division.

Rhett Pardon, of XBIZ, quoting AHF’s letter stated, “The authorization is essentially a waiver of privacy rights that is against public policy,” the letter said, citing Civil Code § 56.37. “Disclosures of testing results pursuant to such an invalid authorization would therefore appear to breach the actors’ privacy rights.”

The U.S. Department of Health and Human Services will now investigate whether AIM has violated California Civil Code § 56.37 as well as federal law. Jeffery Douglas, attorney for AIM, has stated that AIM’s HIPAA release has been vetted by experts in the privacy law and HIPAA and that AIM stands behind its release.

So what happens now and what does this mean to the industry and more specifically to performers and producers of adult content? If the investigation concludes that AIM’s release is too broad, their release may have to be rewritten, limiting who, how and for how long testing results may be disclosed. This may change how the industry handles the issue of testing between producers and performers. Access to testing results by producers may have to be blocked with only performers showing each other test results prior to shooting.

Performers themselves could share testing results with the producers though. There is no restriction on an individual’s rights to share their medical history or test results with whomever they wish.

Obviously, this issue will continue to evolve and everyone must stay informed as to how HIPAA may change how the industry does business. Cal/OSHA will be holding hearings later this month (June 29, 2010) as to the use of condoms on adult sets.

The original article “Porn, Privacy and HIPAA” was published in the summer of 2009 in XBIZ directly after the last HIV outbreak in the industry, however the issues covered in it remain relevant. The following are excerpts from that article.

Within HIPAA are confidentiality provisions of the Patient Safety Rule that prevent, in certain circumstances, the public disclosure of private healthcare information of a patient by a medical provider, health plan and health care clearing houses.

However, HIPAA does not apply to employers. The Privacy Rule does not prevent your employer from asking you information about your health if your employer needs the information to administer sick leave, workers’ compensation, wellness programs, or health insurance. However, if your employer asks your health care provider directly for information about you, your provider cannot disclose the information in response without your authorization.

It should be noted that if your private medical information is disclosed by a medical provider, that medical provider or their employee may face civil as well as criminal liability. A Los Angeles woman was indicted under the federal HIPAA privacy law for accessing the private medical records of celebrity patients at UCLA Medical Center and selling information obtained from those files to a national media outlet. The celebrities whose records were breached reportedly included actress Farrah Fawcett, singer Britney Spears and California first lady Maria Shriver.

The Privacy Rule allows medical providers, such as AIM, to disclose protected health information, without authorization, to a public health agency that are legally authorized to receive such reports for the purpose of preventing or controlling disease, injury, or disability. In this case, the Los Angeles County Public Health Department would be such an agency. Generally, medical providers are required to limit the protected health information disclosed for public health purposes to the minimum amount necessary to accomplish the public health purpose. Unfortunately, HIPAA prevents the public disclosure of those that are infected or who may have been exposed.

However, individual performers that might be afraid that they were exposed could still inquire into the identity of those exposed to determine if they if fact were. Private disclosure in the interest of public health may be allowable. Under the Privacy Rule, a medical provider may disclose protected health information to a person who is at risk of contracting or spreading a disease or condition if other law authorizes the covered entity to notify such individuals as necessary to carry out public health interventions or investigations. For example, a covered health care provider may disclose protected health information as needed to notify a person that (s)he has been exposed to a communicable disease if the covered entity is legally authorized to do so to prevent or control the spread of the disease.

However, performers must be careful about sharing what information they may learn. An infected performer that is “outted” by another individual can file a lawsuit under the common law theory of public disclosure of private facts. If a false report is made as to a performer’s HIV positive status, that performer may have a claim for false light. This is were the plaintiff is placed into a false light in the eyes of the public that may damage their career and cause emotional distress. Obviously, if someone mis-reports that a performer is HIV positive or even exposed to HIV that can cause great distress as well as the lost of a career. Damages for both public disclosure and false light could be extensive.

Overall, in an adult industry that lays its self open to all that consume its product, there is still a need for privacy within the industry.

Porn, Privacy and the HIPAA

http://www.xbiz.com/articles/113008/fattorosi

How can an industry that bears all to its consumers ever consider privacy to be a hot topic? The story of the possible infection spread rapidly throughout the community and even into mainstream press. I was personally contacted by Los Angeles’s Tribune affiliate KTLA for a quote after the reporters there picked up the story from the Los Angeles Times.

As I write this article, what did not make it into the press were the actual identities of the performers infected or exposed in this most recent outbreak.

Dr. Sharon Mitchell, director of the AIM Healthcare Foundation, declined to make the identities of those performers known, citing confidentiality issues.

What Mitchell was referring to was a rather unknown law within the industry, the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Within HIPAA are confidentiality provisions of the Patient Safety Rule that prevent, in certain circumstances, the public disclosure of private healthcare information of a patient by a medical provider, health plan and health care clearing houses.

However, HIPAA does not apply to employers. The Privacy Rule does not prevent your employer from asking you information about your health if your employer needs the information to administer sick leave, workers’ compensation, wellness programs or health insurance.

However, if your employer asks your health care provider directly for information about you, your provider cannot disclose the information in response without your authorization.

It should be noted that if your private medical information is disclosed by a medical provider, that medical provider or its employee may face civil as well as criminal liability.

Los Angeles woman was indicted under the federal HIPAA privacy law for accessing the private medical records of celebrity patients at UCLA Medical Center and selling information obtained from those files to a national media outlet. The celebrities whose records were breached reportedly included actress Farrah Fawcett, singer Britney Spears and California first lady Maria Shriver.

Many posters on adult message board GFY.com, as well as performers I talked to immediately after AIM reported the outbreak, indicated that they were not pleased that more information was not released. Several performers indicated that they felt as though it was their right to know since they could also become infected.

Unfortunately, until an outbreak such as this becomes a matter of public health, the information must remain confidential. The Privacy Rule allows medical providers, such as AIM, to disclose protected health information, without authorization, to a public health agency that is legally authorized to receive such reports for the purpose of preventing or controlling disease, injury or disability.

In this case, the Los Angeles County Public Health Department would be such an agency. Generally, medical providers are required to limit the protected health information disclosed for public health purposes to the minimum amount necessary to accomplish the public health purpose.

Unfortunately, HIPAA prevents the public disclosure of those that are infected or who may have been exposed.

However, individual performers that might be afraid that they were exposed could still inquire into the identity of those exposed to determine if they in fact were. Private disclosure in the interest of public health may be allowable.

Under the Privacy Rule, a medical provider may disclose protected health information to a person who is at risk of contracting or spreading a disease or condition if other law authorizes the covered entity to notify such individuals as necessary to carry out public health interventions or investigations.

For example, a covered health care provider may disclose protected health information as needed to notify a person that (s)he has been exposed to a communicable disease if the covered entity is legally authorized to do so to prevent or control the spread of the disease.

Other posters on GFY.com indicated that once a performer gained the knowledge of the identities of the infected and exposed individuals they should make it known to the rest of those in the industry.

Some even argued that this was allowable since HIPAA does not apply to individuals that do not have access to the medical records of those infected and or exposed. However, one must be aware that even though HIPAA may not prevent such a disclosure, there are common law torts that can result in a civil lawsuit if certain private facts are disclosed.

An infected performer that is outed by another individual can file a lawsuit under the common law theory of public disclosure of private facts. If a false report is made as to a performer’s HIV positive status, that performer may have a claim for false light.

This is where the plaintiff is placed into a false light in the eyes of the public that may damage his/her career and cause emotional distress. Obviously, if someone misreports that a performer is HIV positive or even exposed to HIV that can cause great distress as well as the loss of a career. Damages for both public disclosure and false light could be extensive.

Overall, in an adult industry that leaves itself open to all that consume its product, there is still a need for privacy within the industry. However, it is apparent that the manner in which this last situation was handled was not to the satisfaction of other performers, directors, agents and producers in the San Fernando Valley.

They felt as though they deserved to know which performers were actively infected and which were on the quarantine list so as to protect themselves. Immediately after the outbreak I talked with numerous performers. Some of which indicated that they would be either leaving the industry, no longer doing boy/girl scenes, or rethinking what sexual acts they will do from this point forward. Lack of information can breed resentment and doubt.

There is little doubt in this writer’s mind that sometime in the future, this issue will once again reappear.

How the industry handles it and what comes to light in the middle of a media storm will affect the industry’s ability to remain autonomous. There has been a push once again to regulate the industry through legislation and public policy. Failure to heed these warnings can result in the regulation of the industry by groups on a national level that do not have the industry’s best interest in mind.