Oracle in Federal court class-action lawsuit on global privacy violations; Cerner VA EHR had 498 major outage incidents, 7% of time since rollout

August 25, 2022 | by

Oracle’s miseries multiply, both in Federal Court and with the VA. The first is taking place in the US District Court for the Northern District of California. Three plaintiffs in a class-action suit charge in a complaint filed on Friday 19 August that Oracle is running a giant ‘surveillance state’ on billions of people. From the complaint, “the regularly conducted business practices of defendant Oracle America, Inc. (“Oracle”) amount to a deliberate and purposeful surveillance of the general population via their digital and online existence. In the course of functioning as a worldwide data broker, Oracle has created a network that tracks in real-time and records indefinitely the personal information of hundreds of millions of people” and sells this information to third-parties, without consent of course.

The complaint, filed 19 August, states that Oracle’s BlueKai Data Management Platform, which includes the Oracle Data Marketplace–likely the world’s largest commercial data exchange–and to the point, the Oracle ID Graph “synchronizes the vast amounts of personal data Oracle has amassed; that is, it matches personal data that can be determined to share a common origin with other personal data.” The charge is essentially that Oracle spies on you and has set up the world’s largest surveillance database of billions of people using the billions of data points most everyone generates online over decades.

All three plaintiffs are privacy-rights advocates: Michael Katz-Lacabe of the Center for Human Rights and Privacy; Dr. Jennifer Golbeck, director of the University of Maryland’s Social Intelligence Lab; and Dr. Johnny Ryan, a Senior Fellow at the Irish Council for Civil Liberties (ICCL), and at the Open Markets Institute. 

Dr. Ryan’s organization, the ICCL, stated that “Oracle’s dossiers about people include names, home addresses, emails, purchases online and in the real world, physical movements in the real world, income, interests and political views, and a detailed account of online activity: for example, one Oracle database included a record of a German man who used a prepaid debit card to place a €10 bet on an esports betting site.”

No dates have been set for hearings or as requested, a jury trial.

In Europe, Oracle had faced similar action along with Salesforce on privacy violations under GDPR. The Privacy Collective’s case was ruled inadmissible by a judge in the Netherlands last year, but is being appealed.

If the action proceeds, this strikes at the heart not only of Oracle’s data business but also Google and any data analytics or brokerage company. Look over your shoulder…someone’s coming after you.  TechMonitor.ai

Meanwhile, back at the endless tsuris called the VA EHR implementation, Oracle Cerner got more verbal beatdowns from the VA’s Secretary of Veterans Affairs and Senate committee members. FedScoop, through a FOIA (Freedom of Information Act) request living up to its name, was able to quantify the system outages in the Cerner Millenium system between 8 Sept 2020 and 10 June 2022. Of the 640 days the system was in place, it was out or nearly out for about 45 days, or 7%, when time lost in all of the 498 incidents is calculated.

  • 428 incomplete functionality incidents (930 hours of the system partially not working)
  • 49 degradations (103 hours of degraded performance)
  •  24 outage incidents (40 hours of complete down time) 

Where responsible parties could be identified, Oracle Cerner was responsible for about two-thirds of the incidents. Interestingly, the remainder were attributed to the VA. As to root causes, the VA could not identify them in about 50% of the cases. There’s some squirreliness in VA’s internal reporting on multi-day outages, which are more serious because the longer the outage, the more damage and the harder it is to pin down a cause.

Secretary of Veterans Affairs Denis McDonough said to FedScoop: “The bottom line is that my confidence in the EHR is badly shaken.” which has to count as an understatement significant enough to hold off further implementation until 2023. House Veterans Affairs Subcommittee on Technology Modernizing Ranking Member Mike Bost, R-Ill., said: “The number of incidents listed in this disclosure is alarming. Some part of the Cerner system has been down more often than not for nearly two years.” 

The Showboat of Misery keeps Rollin’ Down the River: the 4 Aug outage, the Senate hearing with Oracle’s Mike Sicilia, the infamous ‘unknown queue’ 21 July and 21 June

How technology can help fight elder abuse–ethically

September 9, 2015 | by

The increasing awareness of abuse of older people by their caregivers, whether at home or in care homes/assisted living/nursing homes, invites discussion of the role that technology can play. This presentation by Malcolm J. Fisk, PhD, co-director of the Age Research Centre of Coventry University, in the BSG Ageing Bites series on YouTube looks at technologies viewed by level of control and intrusiveness:

  • Social alarms, which include pull cords (nurse call) and PERS–what we think of as ‘1st generation’ telecare: high level of control, low intrusiveness–but often useless if not reachable in emergency
  • Activity monitoring, which can be room sensor-based or wearable (the 2nd generation): less control, slightly more intrusive–also dependent on monitoring and subject to false positives/negatives
  • Audio and video monitoring, while achieving greater security, are largely uncontrolled by the older person and highly intrusive to the point of unacceptability. (In fact, some feedback on tablet-based telehealth devices indicates that a built-in camera, even if not activated, can be regarded with suspicion and trigger unwanted reactions.)

The issues of consent, and balancing the value of autonomy and privacy versus factors such as cognitive impairment, personal safety and, this Editor would add, detecting attacks by strangers and not caregivers, are explored here. How do we ethically observe yet respect individual privacy? This leads to a set of seven principles Dr Fisk has published on guiding the use of surveillance technologies within care homes in the latest issue of Emerald|Insight (unfortunately abstract access only) Video 11:03Hat tip to Malcolm Fisk via Twitter.