I'm not seeing the problem here. You authorise access to your doctor. They login to a system to view these details. This login is secure. If the iPad is stolen, the new "owner" will still require the login details to view your details.
What is the big deal here?
Did you read and understand my blog article, or the Noseweek article? Discovery can't guarantee the parts in red.
There is no way for me to pre-emptively block access to my own data. There should be.
Therefore, anyone posing as me, or any fraudulent doctor (Discovery NEVER gets defrauded own doctors!) or doctor's assistant wanting to access my data, can gain access to it by the simple process of imitating my signature.
I have no guarantee that my signature is even checked, and Discovery relies entirely on the iPad user for its security. If an iPad is left on and logged in and is stolen, it can be used without the doctor's knowledge. These are portable devices. Passwords can be disclosed by computer newbies through social engineering.
All I want is the ability to stop iPads accessing my information.
Until now I have disclosed this information face-to-face with my doctor, and I have had the control and discretion. Now Discovery wants to blab all my data to anyone who asks, without my knowledge or consent. They keep trying to reassure me that my consent is required, when it is perfectly obvious to me that there are security holes you could drive a truck through, and that my consent can be easily bypassed.
Furthermore, when my optometrist asks me questions about my medical history, I provide her with relevant details; I don't talk about my mental health or my sex life. It's inappropriate. But if she signs on to my Discovery profile it's all there, appropriate or not.
I'm not telling Discovery to abandon their iPad app. All I want is the ability (on their web site) to block their iPad app from accessing my information. I want to be able to say that under NO circumstances may my information be disclosed to any third party. That's what they are required to do by law anyway.
If other Discovery members are too stupid or gullible to realise the privacy implications, they can unblock their information. That's their choice, until it bites them in the ass, by which time it's too late. If they're Noseweek readers they can't say they weren't warned.