By Mark Goldfogel
When I was younger, I had the chance to visit East Germany mere weeks after the Berlin wall came down.
It was a surreal experience with hundreds of military
guarding a boarder that no longer was recognized
by anyone, including them! Their guns sure seemed
real, and their tanks were quite intimidating. I stole a
chunk of that wall right in front of them, and it still sits
on my stepfather’s desk. There was no more border
(or country) to protect. Yet the military paraded tanks
right down main-street at noon just like they had since
1949.
It the same situation with Marijuana today. The
government, or at least some of our governments,
have begun to see the benefits of Medical Marijuana.
However, as a patient, I sure don’t want to be the one
who gets shot because I walked too far behind the
lines.
There are things you can and should do to protect
yourself as a Medical Marijuana patient. The first and
most important is to be very careful where you shop.
Every Colorado MMC (Medical Marijuana Center) is
required to capture your state issued identification
number and medical marijuana card, but most are not
using a professional system to capture that data. As
a result, your information as a patient could be at risk.
I know that my compliant Medical Marijuana
Centers need to keep an electronic file of my license
and state issued photo ID. This is true in Colorado
and California. But they do not, and should not,
keep a paper copy. They cannot properly protect my
paper data on-site. A Medical Marijuana Center is
no place to store potentially incriminating information.
Remember friends, this is still Federally illegal, and while I don’t expect to have
the DEA at my door because
I purchased 2 oz, I don’t
particularly want my face on
the front page of Westword
for being a pothead. Careful
protection of my identity is
one of the requirements I
have of a Medical Marijuana Center, and is the primary
reason I created the company MJ Freeway. You’re
welcome. 
The first thing to ask your Medical Marijuana Center
is are they are storing your information in a HIPAA
compliant fashion? Ask them what company hosts
their data, and make them show you where the
company states that they are in compliance on their
website (preferably on the home page). HIPAA is
critical because it is the only security standard that the
Federal Government recognizes for patient protection.
Without storing your information on HIPAA compliant
servers (almost always off-site), your personal data
could be at risk.
Even if the data is stored in a HIPAA compliant
fashion, your Medical Marijuana information could
be in jeopardy. The next biggest vulnerability is with
the physical data itself–the actual hard drives or
paper copies. This time, I am not worried about the
government (at least not in Colorado, hang in there
California). Given enough time and talent, a crook
could have a great time with a database full of Medical
Marijuana Patients that would prefer to remain, and
deserve to remain, anonymous. There are also
tremendous advantages to the MMC owner for storing
their data off-site. Advantages like virtualization -the
art of working while lying on a beach thousands of
miles away. However, the biggest advantages of off-
site storage to the patient are protection of their data
from fire, physical theft, vandalism, and sabotage.
Not to mention, there is much better security because
it is both protected electronically, with encryption, and
physically to Federal standards for patient privacy.
It might seem obnoxious to ask a Medical Marijuana
Center to prove their compliance system is off-site and
HIPAA compliant. But it is my information that could
be in jeopardy. I have done my part to make sure my
data remains safe, and I welcome you to shop at any
MJ Freeway store. Look for the MJ Freeway logo on their screen and tell them Mark sent you.