There's probably compact signatures extracted from the screenshots (color profiles, OCR, etc) which are then uploaded later in bulk. You don't need the full original image to be able to reliably uniquely identify the content if you have an index of it already.
I'm wondering if there is some sort of steganographic watermark that broadcasters are including in media, to enable stuff like this. Probably would need to be robust in the presence of re-encoding, more compression, etc..
I thought the 2013 amendment to the VPPA largely defanged it by allowing sharing with customer consent (which is probably one of the clauses in the million-word customer agreement nobody reads).
Are health providers using PS5s in a context where information may be leaked to other providers? What kind of information would you expect to be displayed that might violate HIPAA?
As other users mentioned, these screenshots are almost certainly not being transmitted as screenshots as the bandwidth costs would be enormous. The screenshots are converted to a hash on the user’s device before being sent to a server where the hash is compared to a database of known hashes. A user’s x-ray would just appear as a hash. This might still constitute a HIPAA violation, but I doubt it.
I’m not sure what relevance there is to other providers?
I work with a lot of small medical offices, and they do use consumer Smart TVs in some contexts. I typically limit their network access for other reasons, and displaying X-rays isn’t something I’ve personally facilitated, but it wouldn’t shock me to discover it’s being done in other clinics, and the popularity of cloud-based ePHR software has left a lot of smaller clinics with very limited internal I.T. services.
The destination isn’t relevant, if the image leaves the clinic at all without consent, that’s a HIPAA violation. Fortunately, I think it’s more likely that the images are sampled and/or hashed in a way that means the full image isn’t technically transmitted, but considering the consequences and costs of a data breach, I’d definitely be wary of it.
Boardroom presentation TVs in publicly traded companies would yield insider information.
Sending 4k screenshots twice a second to a server would be tremendously bandwidth hungry. My guess is that it's all done locally.
There's probably compact signatures extracted from the screenshots (color profiles, OCR, etc) which are then uploaded later in bulk. You don't need the full original image to be able to reliably uniquely identify the content if you have an index of it already.
I'm wondering if there is some sort of steganographic watermark that broadcasters are including in media, to enable stuff like this. Probably would need to be robust in the presence of re-encoding, more compression, etc..
This has been long solved by YouTube for detecting CP and other non-compliant videos.
For example, check out https://github.com/akamhy/videohash
It is a violation of the VPPA to collect this for streaming services and prerecorded media. Scheduled broadcast and cable TV aren't covered.
I thought the 2013 amendment to the VPPA largely defanged it by allowing sharing with customer consent (which is probably one of the clauses in the million-word customer agreement nobody reads).
Pretty sure that’s why this lawsuit will have some legs - the deceptive way folks are opted in without really understanding what is happening.
I’m shocked to be agreeing with Ken Paxton but he’s right on this one.
Yeah that’s why Webex is still in business. TVs are a great entry point to LANs.
> HIPAA
Are health providers using PS5s in a context where information may be leaked to other providers? What kind of information would you expect to be displayed that might violate HIPAA?
Patient xray for example, blown up on big tv
As other users mentioned, these screenshots are almost certainly not being transmitted as screenshots as the bandwidth costs would be enormous. The screenshots are converted to a hash on the user’s device before being sent to a server where the hash is compared to a database of known hashes. A user’s x-ray would just appear as a hash. This might still constitute a HIPAA violation, but I doubt it.
One cannot unscramble hash and tell what does it present
This seems like an extremely unrealistic scenario for a given ps5
Also how would other providers be privvy to this view of this xray?
I’m not sure what relevance there is to other providers?
I work with a lot of small medical offices, and they do use consumer Smart TVs in some contexts. I typically limit their network access for other reasons, and displaying X-rays isn’t something I’ve personally facilitated, but it wouldn’t shock me to discover it’s being done in other clinics, and the popularity of cloud-based ePHR software has left a lot of smaller clinics with very limited internal I.T. services.
The destination isn’t relevant, if the image leaves the clinic at all without consent, that’s a HIPAA violation. Fortunately, I think it’s more likely that the images are sampled and/or hashed in a way that means the full image isn’t technically transmitted, but considering the consequences and costs of a data breach, I’d definitely be wary of it.
> I’m not sure what relevance there is to other providers?
The point of HIPAA is to prevent providers from colluding against you.