Hacker News new | past | comments | ask | show | jobs | submit login

I'm glad you made that point. We are very aware of how important user privacy is for this sensitive information. We want to begin the conversation with users while we're young so that we don't mess it up when we're big (a la facebook).

As a general principal, we will only reflect data back that has been fully anonymized. In fact, we don't collect personally identifiable information (that's why there are only 3 choices for age right now). We are building HIPAA-compliant software (even though it's not legally applicable to us yet). We have a team of advisors, including privacy experts, but honestly, we believe the best ethics panel will come from the users and are very interested in feedback in this respect.




> we believe the best ethics panel will come from the users

Not when it comes to HIPAA compliance. This isn't about finding the best ethical code of conduct for privacy (which can be tricky), but simply abiding by existing and well-defined rules; all users agreeing you're a paragon of virtue doesn't matter much if you break said law once it does apply to you.

Please understand I've no wish to rain on your parade; it's just that I know all too well dealing with HIPAA can cause some headaches, but that's part of the game when working in anything connected to healthcare in the US.


That's true, for HIPAA compliance, there is no negotiation and we will meet that standard.

But there inevitably will be some user concerns that fall outside of HIPAA compliance. So, we see HIPAA+HITECH as a minimum requirement. We don't expect it to be sufficient, however, and that's where user feedback, the "user ethics panel" if you will, comes in.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: