{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibrdwwtxag2s2f7oxfb6blfdec57pwemdwoka7vjsoxr63lkme7ga",
    "uri": "at://did:plc:haakkg7y3xdghcdmprxeexso/app.bsky.feed.post/3monfyqricaw2"
  },
  "path": "/t/how-do-i-compellingly-advocate-for-my-privacy-with-doctors-and-other-healthcare-professionals/38299?page=3#post_48",
  "publishedAt": "2026-06-19T12:19:54.000Z",
  "site": "https://discuss.privacyguides.net",
  "textContent": "**UPDATE:**\n\n**DPA REFUSES TO ANSWER**\n\nSo I reached out to my local data protection authority (DPA), and they were a disappointment. I wrote to them via email and asked them point-blank if using Gmail and WhatsApp in healthcare was compliant with our data protection laws. I specified that what I meant by that is if healthcare workers are in violation of the law when they use Gmail and WhatsApp to communicate with or about patients.\n\n**The DPA refused to answer my question directly. All they did was quote the law to me.** The parts of the law that they quoted implied to me that using Gmail and WhatsApp in healthcare is in violation of the law, but that’s just my interpretation. **Their answer was very legalese.**\n\nI followed back by asking them to answer my question directly, and again they refused. They just quoted the law. And **they told me that their role is not to interpret the law, which makes no sense to me, because if I had to file a complaint, it would be through them, and they would decide if I am right or wrong. So it is totally within their realm to tell me if I am interpreting the law correctly.**\n\n**PRIVACY WASHING & PRIVACY THEATER**\n\nTo me, this just goes to show that some DPAs and privacy laws are just doing privacy and security theater. They want to reassure the public, but in practice they’re not doing much.\n\nSuppose I asked them a really stupid question like:\n\n> _**I am a doctor. Can I secretly share my patients’ healthcare information with a pharmaceutical company that will pay me handsomely for doing so?**_\n\nI suspect that they would not give me a legalese answer and would tell me straight up no, that I cannot do that. My guess is because DPAs know that the use of WhatsApp and Gmail is rampant not just in healthcare but in business in general, they don’t want to condemn it. I also suspect that no one has ever complained about this and that I would be the first.\n\n**NEXT STEPS: LAWYERS + GO TO DPA IN PERSON**\n\n**1) Contact Lawyers**\n\nMy next step is to contact privacy lawyers to see if they can provide me with an answer. I’ve already reached out to some of them, and none have responded so far. My impression of privacy lawyers is that if they don’t smell money, they are not going to bother.\n\nAlso, I have mentioned before that almost all the privacy lawyers I have found advertise protecting the data of companies and helping them be compliant. They do not advertise protecting actual data subjects, i.e., people. To me, this is not a good sign, but because your interests and those of a company that holds your data are not the same.\n\nAnd for the record. I have zero intention to sue. I cannot afford it, and even if I could, I do not want to put my face out there. But I would like to believe that a lawyer can answer a simple question about privacy laws without charging me.\n\n**2) Go to DPA’s Office**\n\nI am not 100% about this one, but I want to physically go to the DPA’s office and ask them the same question. I suspect that if I speak to an actual person, I will not get a legalese answer, but I can’t be sure.\n\nThe challenge is, when I reached out to them via email, I did it anonymously.\nIf I got there physically, I may have to share my real name, and based on the questions I ask, they could identify me as the person who emailed them under a different name because it was quite recently.\n\n**Should I go through with it?**\n\nI think they also have a phone number, so I could also call them anonymously first.",
  "title": "How do I compellingly advocate for my privacy with doctors and other healthcare professionals?"
}