Breach of Porn Actors’ Data Reveals Failure of AIM Clinic Testing Model By: AIDS Healthcare Foundation
Performers, not producers, should have password-protected access to their own testing and health data from the Adult Industry Medical (AIM) HealthCare Foundation HIV Testing Clinic in Sherman Oaks
AHF asserts the Industry-funded clinic also continues to violate federal patient confidentiality laws via online database of patient info for porn producers while refusing to share same crucial public health data with the Los Angeles County Department of Public Health and Cal/OSHA
After over 12,000 current and former adult film performers who tested for HIV and other STDs at the Adult Industry Medical Healthcare Foundation’s (AIM) HIV Testing Clinic in Sherman Oaks had their privacy breached when their personal data collected from AIM was published illegally on a Wiki-leaks type website earlier this month, the AIDS Healthcare Foundation (AHF), which has separately been spearheading a workplace safety campaign to require the use of condoms in porn, harshly condemned the release of such personal patient data, yet also noted that the privacy breach underscores the vulnerability of AIM’s entire clinic business model. The industry-funded clinic serves 1,500 to 2,000 active adult film performers each year; however, over the past year it has faced mounting trouble. According to the LA Times (3/30/11), “The AIM clinic opened in 1998 but was shut down in December by Los Angeles County public health officials two days after state health officials denied its application to operate as a community clinic based on what regulators called "business-related issues." The clinic was sold and allowed to reopen last month as AIM Medical Associates P.C., part of a doctor’s office regulated by the Medical Board of California, according to state officials.”
“Despite our differences with AIM and segments of the industry over condom use, we are indeed saddened by the news of this privacy breach of personal information of over 12,000 current and former AIM patients,” said Michael Weinstein, President of AIDS Healthcare Foundation. “However, this breach should not come as a surprise to any care provider who dutifully manages and cares for populations of patients. The entire business model of the AIM clinic has been flawed from the start, and as a result, its patients’ privacy has been violated. Performers—not producers—should be the ones to have password-protected access to their own testing results and health data from the AIM Testing Clinic. Performers should also be the ones who choose to share that information with producers they intend to work for. As it stands, AIM views the producers as their clients, not the performers walking through its doors each day to get tested.”
While AIM charges each patient (and potential adult film performer) for HIV and other testing (something that is illegal under California law), they also require patients to sign overly broad patient release forms allowing industry producers to view the test results and health data. Producers in turn pay a regular monthly subscription fee for unlimited access to AIM’s entire database of test results for current and previous performers.
It is unclear where or how the privacy breach occurred—from inside AIM, or from a subscriber to AIM’s testing results database.
Is “breech” a play with words? That means hind quarter or buttocks.
First of all hackers can get to anyone. The most secure companies get their info hacked as well as the US Govt. As soon as someone thinks up encription technology to thwart hackers they figure out a way around it. So it can happen to anybody.
Secondly this didn’t just happen this month. Those mopes have had the list of the 12,000 folks for months now. Maybe even as late as the end of last year. I was on their website the beginning of this year and they were bragging they had all the names then.
If AIM’s password system was fairly simple then hackers could have easily gotten inside.
Considering how liberal AIM was about giving out passwords and how common password sharing is among people in the industry, I doubt anyone had to hack into anything to get those names.
Good point, Chichi. Anyone could get those names, access labdatdotcom’s data, pass the info around, etc.