I appreciate you having the courage to go against the grain on this. I share similar views, specifically about healthcare privacy in general. It's obnoxious to what extent they go to guard some bland info like my blood type or blood pressure. I'm not saying it should be published on a ticker at the hospitals website, but the only info they should really keep private are the things that could blackmail or shame people. Birth control, abortion, STDs, etc. I actually hold the unpopular opinion that HIPAA goes too far. It's "privacy theater". If the concern is health insurers dropping patients, then the agency that regulates insurance should "leak" some information in a sting operation and sue the insurers for breaking the law. We shouldn't foist that liability on IT people and allow insurance to harm people.