In order for my daughter to see her orthodontist, I needed to fill out the prerequiste medical records for her. The question which prompts this blog post was in fact, my marital status. And it was A REQUIRED FIELD!
Not my daughter's marital status, my status. Now, what possible reason could an orthodontist need to know a patient's parent's marital status?
The options were single, married, divorced, widowed and separated. Why did I choose “widowed” instead of something a little less dramatic? Spite. I could have gone with single, but I went with widowed.
Did I ask the orthodontist? Absolutely. What was their answer? "Oh don't worry about that, you can put whatever you want there". But again, the field is required so you must put something in order to have a visit scheduled.
It makes you wonder why though doesn't it? Why do they need to know this information? When I asked them, they didn't seem to have an answer. And what's worse, they didn't care that it was a required field. Their excuse was the medical record system that they used and that it couldn't be changed. I suppose I could have scheduled an appointment with another orthodontist but that's a bother. Therefore in order to make an appointment, I put widowed.
Here's the next question - what are they doing with that information?
A number of years ago, we landed a new client and the first project was upgrading their Kentico platform to the latest version. It was a fairly complicated project as there was a great deal of custom code and as a result, we needed to perform a comprehensive review of the code and the database with the client.
When I reviewed the form tables, my jaw dropped when I saw a data field for "social security number" tied to a contact us form. A quick sql search showed hundreds of seemingly legitimate numbers in the database. I turned to my client and asked him why he had social security numbers in a simple contact us form. First he was shocked, then he was angry. He had no idea that the information was being captured. I asked him why a contact us form would need social security numbers and his answer was that there wasn't one. When we reviewed the contact us form, the field was no longer active but the values were still contained within the database.
We brought the information to the security team and then promptly deleted the data. When we asked around as to why the form had social security number, no one could tell us why. Could it have been added because someone thought it was important information? Obviously hundreds of people entered in their information. Could the form field have been required? Did someone simply add in the field and no one questioned the action?
Whenever we work with a client on a new data acquisition strategy, we focus on capturing data that is relevant and respectful. We view certain PI information as if it is radio active and as such it requires special handling. The fact that my daughter's orthodontist didn't care to address my concerns tells me something about that organization and its laxidazical approach to personal information.
What's the lesson learned here? If you are in the business of capturing data, be respectful as to what questions you are asking and make certain that you have a need for the inforamtion you are in fact capturing.