Documenting all the places
personal data goes.


Legend: with your name, without your name.
Click on a circle above for names of organizations and details of data shared.

Retail and 3rd-party on-site pharmacies receive data from you and from physicians, and provide data to pharmacy benefits managers and clearing houses for payment, and to pharmaceutical companies and prescription analytics companies for marketing purposes.

Laws require a prescription as a condition of acquiring controlled medications. The information on a prescription includes your name, date of birth, and address, the date, and the name of the physician and kind and dosage of the medication.


Kabafusion purchases statewide personal hospital discharge data from at least CA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.


Crescent Health Inc., Walgreens had a data breach in 2013, in California. Desktop computer hardware was stolen from the Anaheim Billing Center of Crescent Healthcare, Inc. on December 28, 2012. The theft was discovered on Monday, December 31 and reported to law enforcement. Names, Social Security numbers, health insurance identification numbers, health insurance information, dates of birth, diagnoses, other medical information, disability codes, addresses, and phone numbers may have been exposed.UPDATE(04/03/2013): Over 100,000 people were affected. (100000 records involved) [source].


(return to health DataMap)

Copyright © 2012-2016 President and Fellows Harvard University.