#OPSEC365 067/365
Your work laptop and phone are not private.
Employers can legally monitor everything you do on company devices. Keyloggers, screen captures, email scanning, browser history, location tracking. That personal message you sent, that job listing you looked at, that side project you worked on during lunch. IT can see all of it.
Treat any company-owned device as if your boss is watching over your shoulder.
Keep personal and work activities on separate devices. Don't use work email or slack for personal conversations. Don't browse personal sites on work networks. Some employers are transparent about monitoring policies, others aren't. Assume the worst and act accordingly.
#OPSEC365 066/365
Medical records contain your most sensitive information.
Diagnoses, medications, mental health treatment, substance abuse history, sexual health data. HIPAA limits who can access this without consent, but breaches happen constantly. Hospital systems, insurance companies, and medical devices all store and transmit this data.
Patient portals log every provider who accessed your records. Unauthorized access by hospital employees has been documented at every major health system.
Most patient portals show access logs. Review yours to see which providers and staff have viewed your records. You have the right to request an accounting of disclosures from healthcare providers. Ask for it and see where your information has traveled.
Coinbase can blacklist your Bitcoin based on where it's been,
miners can refuse your transactions, and your "decentralized" money has a permanent criminal record,
Monero solved this with stealth addresses and ring signatures in 2014.
Monero devs have never once suggested building backdoors for law enforcement,
Zcash's founder suggested it publicly then asked you to memory-hole his own words.