 Medical records are perhaps some of the most sensitive pieces of data that you will ever work with. If you're storing your own copies of medical data, like physical copies, then chances are you've got them locked in a desk drawer. And if it's being stored digitally, then I at least sure hope you have it on some kind of encrypted drive, ideally a full disk encrypted drive, at the very least an encrypted folder with a really good password on it. And if you've ever worked for a company that has to handle people's medical records, then you've probably learned about HIPAA privacy rules or really HIPAA privacy laws at some point in how those laws and regulations shape the way that that sensitive medical data has to be stored and how it can be accessed. So for the most part, these regulations are designed to protect your privacy, but not when it comes to law enforcement. So if we read about your rights under HIPAA right from the US Department of Health and Human Services website, you can see here under who is not required to follow the laws that most law enforcement agencies and many state agencies like child protective agencies don't have to follow HIPAA laws. So it really kind of gives off that rules for thee, but not for me vibe. But that's just how things tend to work if you've been paying attention, which is probably why this headline is not going to be a surprise for many of you. CVS, Rite Aid, Walgreens and many other pharmaceutical companies hand out medical records to cops without warrants, your medical records. So this news comes from a letter that was sent to the Department of Health and Human Services almost two weeks ago now reading, we are writing to share concerning findings from a recent oversight inquiry into the privacy practices of pharmacies related to law enforcement demands for patient records. Through briefings with the major pharmacies, we learned that each year law enforcement agencies secretly obtain the prescription records of thousands of Americans without a warrant. In many cases, pharmacies are handing over sensitive medical records without review by a legal professional. Although pharmacies are legally permitted to tell their customers about government demands for their data, most of them don't. So they don't have a gag order or anything. They're just lazy, guys. They're just lazy. And as a result, many Americans prescription records have few meaningful privacy protections and those protections vary widely depending on which pharmacy they use. So as you saw there, not only are the medical records being handed over to police without warrants, but most of the time you as a customer are not even getting a notification that this handoff has taken place, which greatly increases the risk of data being stolen and ending up in the wrong hands. Because at least if you get a notification, like if you're just sitting around, you didn't do anything wrong to nobody and then all of a sudden right-aid calls you and they're like, hey, the police came by and they requested a lot of information about your prescription. You know, you might then at least be able to go follow up with the police or, you know, get your lawyer involved because, hey, something weird's going on. You know, why are the police requesting my prescription information? Because, you know, my gut feeling with this is just that they're going really above and beyond to try to fight some kind of drug crime where they're just, I don't know, trying to find everybody that has a prescription for something that's being sold illegally on the streets. Because you see, for a cop to get a warrant, right, there's a reason that cops normally have to get warrants for information like this because there's a formal process that has to be gone through. A judge has to sign off on the warrant. So at the very least, you're involving another party, pretty much another branch of government into the mix, you know, this is like those checks and balances that they teach about in civics class. But just for the police to inquire about something, that's obviously just handled by the police. And don't even get me started on the fact that impersonation of a police officer is much easier if the police are just inquiring. Okay, I mean, it's much easier to impersonate a cop that's inquiring than it is a cop that's serving a fake warrant because, you know, it's got to be signed and checks and balances and whatnot. But even without impersonation, the risk of your rights being violated by an unnecessary police inquiry goes up dramatically. Because unless you're a fool, you're probably well aware that the police routinely break the law. And I'm not even necessarily talking about corrupt cops that are breaking the law on purpose, like taking bribes, trying to shake you down or, you know, just going way too far to investigate a case. Obviously that can happen. But instead of talking about corruption, let's just talk about incompetence. How many cases have we seen where police simply don't know the law themselves? There's plenty of cases that you can see online with police asking people for their IDs without the suspicion of a crime or trying to prevent people from filming inside of city hall or on some other public building where a person can legally film. You know, there's a lot of stuff like that on the First Amendment auditor channels. And sure, in some of these cases, the police actually do know the law and they're, you know, breaking it anyway. But with obtaining ID unnecessarily, that is in the same boat as trying to obtain medical records unnecessarily because maybe the cops think it's going to help them catch Pablo Escobar to know when you last bought some Sudafed. And that brings me to the other part of this whole situation here that I don't see anyone talking about. You know, this letter to HHS, it mentions a lot of different companies in it. You know, it mentions Rite Aid, Cigna, OptumRx, Walmart, the Kroger company, Amazon. I didn't even know that Amazon pharmacy was a thing. That's crazy. But you know, most, if not all of these corporations, like obviously the big tech ones like Amazon, they make huge profits from collecting and selling customer data, whether it's how you browse for things in their apps, you know, obviously everything you do within all the Amazon apps, that's all tracked by them. Or in the case of brick and mortar stores, like when you go into a Rite Aid or certainly when you go into a Walmart, your every movement within their store is being tracked. Like they track when you go down the aisles, how much time you spend on the aisles and whatnot. And that's supposed, I guess, help them optimize the layouts of their store. Who knows what else it's being used for and who else it's being sold to. But it's no surprise that these companies here would also play fast and loose with your medical data because they're already doing the same with your customer data. There's a lot of regulations that you have to comply with to get into the legitimate licensed pharmaceutical industry, regulations that are supposed to protect you, to protect you as a customer of these various places. But as you can see from this congressional letter, the regulations are not doing much to protect the accessibility of your data when it's in these corporate systems, these big tech systems that want to sell your data or just give it away to the police in this case. The protections are so unhelpful that it's almost like it's done that way by design. If we had the freedom to buy our pharmaceuticals from Mexican hotdog vendors, then we would actually get better privacy than we do with these companies because I can give Hector cash, he doesn't have cameras in his business and all of his customer records are covered in mustard. So when the feds come by trying to collect data from Hector without a warrant about my ketamine and chili dog consumption, he doesn't just hand over my records to them along with the cold Fanta because Hector's hotdog stand unironically gives customers better HIPAA protections than Big Pharma.