MONEY Health Care

Who Covers the Costs of Preventive Surgery Like Angelina Jolie’s

Actress Angelina Jolie
Matt Sayles—Invision/AP

Faced with a genetic predisposition to cancer, Angelina Jolie opted for a preventive surgery to remove her ovaries and fallopian tubes. But can other women afford to do the same?

This week, actress and director Angelina Jolie took to the New York Times to announce a big decision: She had her ovaries and fallopian tubes surgically removed, a preventive measure meant to decrease her risk of ovarian and breast cancer. This surgery followed her preventive double mastectomy in 2013.

After losing her mother, grandmother, and aunt to cancer, Jolie underwent genetic testing and learned that she had a mutation in one of her BRCA genes, a tumor-suppressor gene. That means she too has an increased risk of developing breast cancer and ovarian cancer.

“I feel feminine, and grounded in the choices I am making for myself and my family,” Jolie wrote. “I know my children will never have to say, ‘Mom died of ovarian cancer.'”

The good news: If you share Jolie’s predisposition to cancer, the same treatment options are probably available to you. Most insurers will cover preventive surgery for women with a BRCA mutation, says Lisa Schlager, vice president for community affairs and public policy at Facing Our Risk of Cancer Empowered (FORCE), a nonprofit organization devoted to hereditary breast and ovarian cancer. (Generally, Medicare and Medicaid aren’t as generous, Schlager says.)

That’s been true for a long time—a 2001 study found that 97% of preventive surgeries for women with BRCA mutations were fully covered by insurance (except for deductibles and copays).

The surgery can be costly. According to HealthSparq, a health care costs transparency firm, the average national cost for the surgical removal of the ovaries and fallopian tubes is $12,381.

That’s the average insurer-negotiated price, based on actual claims data from 67 health plans. In other words, that’s the average price insurers have agreed to pay hospitals and health providers for the procedure. You can expect to pay a smaller portion of that cost, depending on your health plan’s deductible, co-pays and co-insurance.

Today, the average deductible for Americans with single, employer-subsidized health coverage is $1,217, which means most need to pay more than a grand out-of-pocket before insurance begins to cover the bulk of their costs, according to the Kaiser Family Foundation.

“It really depends on your insurance and your deductible,” Schlager says. “Some people have a very high deductible, and we’re referring them to services that provide financial assistance.”

Prices can also vary significantly by region. According to HealthSparq, the average cost of the procedure is $8,693 in Maryland, but $20,763 in San Francisco, a $12,070 price gap.

Market Average Cost
San Francisco – San Jose CA $20,763.06
San Diego CA $16,508.06
Miami – Fort Lauderdale FL $16,441.37
LA – Orange County CA $16,378.38
Houston TX $14,687.49
Austin – San Antonio TX $13,617.29
New York City – White Plains NY $13,591.84
Dallas – Fort Worth TX $13,404.92
New Orleans LA $12,049.43
Cinncinati – Dayton OH $11,987.74
Columbus OH $11,335.80
Albany NY $9,559.04
Washington DC – Arlington VA $8,747.73
Maryland $8,692.77
AVERAGE NATIONAL $12,380.55
PRICE GAP $12,070.29

But generally, insurers will cover the surgery. After all, “the surgeries are less expensive to the private insurers than if you were to get cancer,” Schlager says.

How do you know if you’re at risk? According to guidelines from the National Comprehensive Cancer Network, you should get screened for genetic abnormalities if any of your family members develop ovarian or fallopian tube cancer, breast cancer in both breasts, breast and ovarian cancer, breast cancer before age 50, male breast cancer, or other signs of hereditary breast-ovarian cancer syndrome. You should also get tested if more than one blood relative on the same side of your family has breast, ovarian, fallopian tube, prostate, pancreatic, or melanoma cancer. The U.S. Preventive Services Task Force, which helps implement the Affordable Care Act, made similar recommendations.

Schlager says the cost of genetic testing has “dropped substantially” in recent years, to between $1,500 and $4,000. Most insurers will cover genetic testing if you meet the national guidelines, but if your insurer refuses, some labs have financial assistance programs to limit your out-of-pocket cost to about $100, Schlager says.

Then you should meet with a genetic counselor. The Affordable Care Act mandates that health insurers cover genetic counseling with no cost-sharing if you have an increased risk of breast or ovarian cancer. That is to say, genetic counseling is a women’s preventive service that should be free to you, like birth control.

Jolie was quick to note that her choice isn’t the answer for everyone. “A positive BRCA test does not mean a leap to surgery,” Jolie wrote. “I have spoken to many doctors, surgeons and naturopaths. There are other options.”

A genetic counselor should help you understand the implications of preventive surgery and consider other less invasive—but less effective—measures, like increased cancer screenings. “It’s a very personal decision, and every family is different,” Schlager says. “Your first step is to talk to your doctor.”

MONEY Taxes

Want to Pay Lower Taxes? Here’s Where You Should Move

Downtown, Juneau, Alaska
Jochen Tack—Alamy Juneau, Alaska

Leave New York for Alaska.

If you want to keep a bigger portion of your paycheck next year, pick up and head west. According to a new report from WalletHub, the states with the lowest tax burdens on the middle class include Alaska, Montana, and Wyoming. The states with the heaviest tax burdens on the middle class: New York, Illinois, Arkansas, Hawaii, and Maryland.

In fact, you’ll pay the fewest taxes in Alaska whether you’re rich, poor, or somewhere in the middle. Altogether, low earners pay an average of 5.4% of their income in total taxes (including sales taxes, property taxes, and income taxes), middle earners pay an average of 4.5%, and high earners pay an average of just 3.4%.

Compare that to New York state, where households earning $50,000 pay an average of 12.4% of income in taxes. WalletHub found that New York state was the worst state for middle and high earners and the eighth worst for low earners.

Here are the full rankings.

The five states where middle earners (households making $50,000) pay the least:

  1. Alaska
  2. Delaware
  3. Nevada
  4. Montana
  5. Wyoming

The five states where middle earners (households making $50,000) pay the most:

  1. New York
  2. Illinois
  3. Arkansas
  4. Hawaii
  5. Maryland

The five states where high earners (households making $150,000) pay the least:

  1. Alaska
  2. Wyoming
  3. Nevada
  4. Tennessee
  5. South Dakota

The five states where high earners (households making $150,000) pay the most:

  1. New York
  2. Connecticut
  3. Maryland
  4. New Jersey
  5. Minnesota

The five states where low-income earners (households making $25,000) pay the least:

  1. Alaska
  2. Delaware
  3. Montana
  4. Nevada
  5. South Carolina

The five states where low-income earners (households making $25,000) pay the most:

  1. Washington
  2. Hawaii
  3. Illinois
  4. Arizona
  5. Ohio

Read the full WalletHub report here.

For answers to your tax questions, check out MONEY’s 2015 Tax Guide:
11 Smart Ways to Use Your Tax Refund
Don’t Make These 8 Classic Tax Filing Fails
Why the IRS Probably Won’t Audit Your Return This Year

MONEY identity theft

These Are the Only Data Breaches You Really Need to Worry About

social security card breaking up into bits and floating away
Yasu+Junko—Prop Styling by Shane Klein

Every day seems to bring news of another hack that compromises your personal data. While you can't afford to get complacent, you don't need to panic about every leak. Here's how to know when to worry and what action to take.

At this point, you can bet a hacker has made off with some of your personal information. The number of data breaches hit an all-time high in 2014, according to the Identity Theft Resource Center. An estimated 86 million records—including credit card and debit card numbers—were compromised, with Kmart, Home Depot, and Staples among the companies that saw the greatest data spillage.

Perhaps the worst scare yet, however, came in early 2015, when health insurer Anthem reported that hackers accessed its customers’ Social Security numbers—pure gold to an ID thief. “This one is a nightmare,” says Ed Mierzwinski of advocacy group U.S. PIRG.

But you may be too weary to heed the wake-up call. Almost a third of Americans who receive breach notifications ignore them, privacy research group Ponemon Institute has found. While you can’t panic over every breach, you also can’t afford to get complacent. How much to worry and what action to take depend on what data you learn have been compromised.

YOUR SOCIAL SECURITY NUMBER

How much to worry: A lot. A fraudster could apply for credit in your name, and you could spend years repairing your records, says Paul Stephens of the Privacy Rights Clearinghouse.

What to do: Check your credit reports ASAP for unusual activity. You’re entitled to one free copy per year from each of the credit bureaus (Equifax, Experian, TransUnion) via AnnualCreditReport.com. At minimum place a free 90-day fraud alert with one of the bureaus, which will inform the other two. This alert tells lenders to confirm your identity before extending credit.

A better move: Freeze your credit, preventing anyone from getting loans in your name. On the downside, you’ll pay up to $10 per credit bureau to place a freeze and up to $12 per bureau to lift it when you apply for new credit. A hassle, yes, and costly. “But for someone worried about ID theft, it’s the best $30 you can spend,” Stephens says.

A PASSWORD

How much to worry: Depends on what kind of site was hacked and whether you reuse passwords (61% of people do, identity protection firm CSID found).

What to do: Ideally, you’d change your password on the breached site and all others on which you used the same code. But if the idea of that much work leaves you paralyzed, the least you need to do is change codes for the most critical accounts (like email and financial sites), says Joseph Bonneau, technology fellow at the Electronic Frontier Foundation. And where it’s an option, set up two-factor authentication, which requires you to input an additional piece of information to log in. That will make it harder for hackers to break into your account next time a password is compromised.

YOUR CREDIT CARD NUMBER

How much to worry: Very little. When criminals steal just a credit card number, you’re not liable for any fraudulent charges, notes Chi Chi Wu of the National Consumer Law Center. With a debit number, you’re not liable for unauthorized charges you report within 60 days of getting your statement, and often banks will make you whole even if you don’t report until later. (The laws are different when a card itself is stolen, but, again, many issuers have zero-liability policies.)

What to do: Simply read your statements carefully, says U.S. PIRG’s Mierzwinski. Call the issuer if you see charges you don’t recognize, he says, “though usually your bank calls you first.” Don’t assume credit monitoring—which many breached businesses offer to customers for free—will do the job for you, Wu says. The services only tell you when a lender checks your credit, not when charges are run up on an existing account.

OTHER PERSONAL INFORMATION

How much to worry: Very little. Criminals can’t commit ID theft with just your name, birth date, or email—though they may try to “phish” for more info by posing as legitimate businesses.

What to do: Stay vigilant. Avoid clicking on links in emails. And when a financial institution calls, hang up and call back. Better to seem rude than get rooked.

 

MONEY Investing

Two Charts That Show This Bull Market Is Truly Historic

Bull statue on Wall Street
Murat Taner—Getty Images

The bull market is six-years old, and it's looking like a truly historic run.

If you hear music in the air, particularly from the direction of the financial district, that’s because the six-year anniversary of our current bull market has arrived.

According to the S&P, this particular run has lasted 2,191 days, the fifth longest since 1921, only surpassed by a 3,452 day stretch from October, 1990 through March, 2000; a 2959 day period from August 1921 to September, 1929; a 2067 day stretch from June, 1949 to August, 1956; and 2248 day run between October, 1974 and November, 1980.

But while today’s bull market might rank fifth overall, it’s even more impressive when compared to similar economic recoveries. The six-year rally following the financial crisis is topped by only by the recovery following World War II (2,607 days) and the 1919 deflation (2,959 days).

Screenshot 2015-03-09 10.31.01

And when it comes to price gains during the first six-years of a recovery, the current market is second to none. Between March 9, 2009 and March 9, 2015, the S&P 500 has increased by 202%. The only other market run that comes close is the postwar expansion, where the S&P returned 192% in the same time period.

The bad news? Valuations now look high.

Screenshot 2015-03-09 13.42.36

As of February, the Shiller price-to-earnings ratio, which measures the S&P 500’s price against the average of the past 10 years of earnings, was nearly 28. That’s almost twice as high as the P/E six years into the “Great Bull” market of the 1980s and 1990s. That’s lead many commentators to speculate about whether the market is overvalued and due for a correction.

Of course, the Shiller P/E climbed above 40 by end of the Great Bull in 2000—so it’s not much of a guide to when the market will turn. But even if you aren’t trying to time the market, high valuations do suggest that future long-term returns may be comparatively muted. After all, a high P/E means each dollar you spend on stocks is now buying a smaller pile of earnings.

All data from MONEY’s Investor’s Guide 2015 by Penelope Wang with Kara Brandeisky.

MONEY Credit

It Just Got Harder for Debt Collectors to Destroy Your Credit

medical bill breaking table
Jana Leon—Getty Images

Soon, it will be easier to get paid medical bills and other errors off your credit report.

Today the three big credit bureaus—Equifax, Experian, and Transunion—announced changes in the way they report medical debt and how they respond to consumer complaints about errors.

The changes are part of a settlement with New York State Attorney General Eric Schneiderman, who has been investigating the credit bureaus since 2012, according to the Wall Street Journal. However, the new practices, which will phase in starting in the next six months, will apply nationwide.

Under the agreement, the credit bureaus will assign trained employees to review complaints and investigate even when a creditor says its information is accurate, according to the WSJ. Plus, credit bureaus will wait 180 days before adding medical debt to your report—to give you time to actually receive and pay your bill—and take the debt off your report as soon as it’s paid by an insurance company.

Here’s why this matters: Before deciding whether to offer you a mortgage, a credit card, an apartment or even a job, a firm will pull your credit report to evaluate whether you’re likely to pay your bills on time. But that report can have errors: One in five consumers has a mistake on at least one credit report, according to a Federal Trade Commission study.

And those mistakes can be hard to fix. First, you have to file a dispute with the credit bureau. Even after filing a dispute and getting changes made, more than half of the consumers that the FTC surveyed reported lingering problems on their credit reports.

The worst part: The most common kind of debt on credit reports isn’t even a good measure of your creditworthiness. Some 43 million Americans have medical debt on their credit reports, according to data from the Consumer Financial Protection Bureau. About a third of those people have otherwise flawless credit, according to the CFPB.

Medical bills are notoriously unintelligible and riddled with errors. To make it worse, debt collectors will sometimes “park” medical debt on your credit report before you even get the bill from your doctor. In the end, your insurer may pick up the tab—but only after the medical debt has already damaged your credit.

Put another way, if you haven’t checked your credit report recently, you could be one of the 43 million Americans with medical debt on your report—and you might not even know it.

Back in August, FICO announced that medical bills that had been paid off would no longer affect your credit score. Today’s announcement means that medical bills paid by insurance won’t show up on your credit report either.

All you have to do now? Keep checking your credit report three times a year. Go to annualcreditreport.com to get one copy of your report from each bureau. Find an error? Here’s how to dispute it—now is probably a good time.

Related:

MONEY privacy

5 Things You Didn’t Know About Using Personal Email at Work

Former Secretary of State Hillary Rodham Clinton
Jason DeCrow—AP Former Secretary of State Hillary Rodham Clinton

Hillary Clinton is in trouble for mixing up her personal and business accounts—and you could get in trouble too.

Hillary Clinton has come under scrutiny for exclusively using her personal email account for all of her work communications when she was secretary of state, according to a report in the New York Times. That’s actually a huge problem. Under federal law, Clinton was required to preserve all of her communications.

But you don’t have to be a former secretary of state and favorite for the Democratic presidential nomination for your work emails to be preserved for posterity, and someone might be interested in their contents: your boss.

Here’s what you should know about the privacy of your work emails—namely, that you don’t have any.

1) Your employer can monitor pretty much anything you access on the company’s computer system, even your personal email account.

In most cases, courts have taken the position that employers have the right to monitor what employees do on the employer’s computer systems and equipment, says Catherine E. Reuben, employment lawyer at the firm Hirsch Roberts Weinstein LLP.

To start, that means your boss can see any messages you send using your work email. But that’s not all. “When you send an email from work, the company server doesn’t know or care whether this email is on your company email account or your personal Yahoo account—it monitors everything,” says Lewis Maltby, president of the National Workrights Institute. And that’s completely legal.

One gray area: A recent National Labor Relations Board case ruling found that employees have a presumptive right to use their employer’s email system for union organizing, although labor laws restrict employers from surveillance of union organizing activities. That means the NLRB may eventually conclude that employers are not able to monitor emails related to union organizing, even if they are sent using the employer’s server or equipment. “That is an unsettled issue,” Reuben says.

2) Assume any email, text message, or other electronic communication you send on your employer’s system can be used against you.

“In my personal experience, employers will monitor email when there is a business reason to do so,” Reuben says. “For example, if an employee accuses another employee of sending sexually harassing emails, the employer would naturally want, as part of its investigation, to review all of the email communications between the two employees.”

Adverse consequences are not uncommon. In 2007, a survey by the American Management Association found that 28% of employers had fired employees over “e-mail misuse.” The most common kinds of misuse: violation of company policies, inappropriate language, excessive personal use, or breaking confidentiality. (“Internet misuse” was even more common; another 30% of employers said they had terminated employees for excessive personal use of the Internet at work, viewing inappropriate content at work, or other violations of the employer’s electronic use policy.)

And your emails could cause a problem long after you send them. “Remember that emails, text messages, other electronic documents can live on forever, even if you delete them,” Reuben says.

3) Beware of “George Carlin software.”

You probably assume your boss doesn’t have time to monitor every email you send. That’s true, Maltby says, but you’re forgetting about the IT department. “People in IT can look at anything, anytime they want to, for any reason they want to,” Maltby says. “They are agents of the employer, and it’s the employer’s system.”

One very common practice: Some employers have keyword software to detect sexual harassment. Maltby calls it “George Carlin software” (note: that link is NSFW) because it can flag certain inappropriate words. But the software can pick up false positives. “If a female employee sends an email with the word ‘breast’ to her oncologist through the company system, it’s going to be read,” Maltby says.

The simple solution: Send any sensitive, personal messages from your own device.

4) Emailing company documents to your personal account could get you in trouble.

You have more work to do, but you just want to go home—and accessing your employer’s email remotely is a huge hassle. So you just forward your files from your work email account to your personal account and finish your work at home.

The problem? That could later create the impression that you are trying to steal the company’s confidential information.

“Make sure you read and understand your employer’s policies, and don’t download company information without permission,” Reuben says. “Do your best to protect the company’s trade secrets, confidential information, and data.”

5) When you set up your company’s email on your personal phone, you often give your employer the right to delete all of your personal data.

Want to check your work email on your personal iPhone? Your employer probably asked you to sign a “bring-your-own-device” agreement. If you didn’t read it, do that now—you likely waived some of your rights.

There’s good reason for that: Companies need to secure their information systems. “What the policy is essentially saying is, if you want the privilege of accessing our proprietary, confidential systems and the convenience of accessing those systems on your personal device, you’ve got to waive your right to privacy,” Reuben says. “Many employers in such a policy will reserve the employer’s right to monitor the employee’s activities on the device and to remote-wipe the device if there is a security risk, for example, if the device is lost or stolen.”

You read that right: You probably gave your employer permission to delete all of your personal data. Your company might want to do that if your device could be compromised—or if you just no longer work there. “When you leave the company, the company will probably wipe your cell phone, and they’ll probably wipe everything,” Maltby says. “Pictures of your kids, bank records, and God knows what else have been erased forever.”

The takeaway: Actually read your employer’s electronic use and BYOD policies. And back up those photos somewhere else.

MONEY Health Care

Here’s the Tough Choice the Uninsured Have to Make Now

piggy bank and bottle of pills balancing on either side of a seesaw
Pogonici—Shutterstock

The deadline to enroll in a health insurance plan has been extended—but a quirk in the rules leaves the uninsured with a tricky decision to make.

Americans who didn’t sign up for health insurance by the February 15 end of open enrollment face two serious risks: no insurance coverage for the rest of 2015, and a possible tax penalty next April. Open enrollment for 2016 plans doesn’t start until next October.

What’s more, many who went without health insurance last year—when Obamacare’s requirement that all Americans have insurance, what’s known as the individual mandate, went into effect—are already facing a penalty on their 2014 tax returns.

Many of these uninsured Americans got a break last week. The Obama administration announced a special open enrollment period last Friday. If you still don’t have 2015 health coverage, you did not know about the tax penalty until you worked on your tax return, and you owe a penalty for 2014, you can enroll in a 2015 plan via Healthcare.gov between March 15 and April 30. The second chance is available to people who live in the 34 states with a federally-run insurance marketplace and who file their federal taxes after February 15.

This deadline extension could help a lot of people: Late last year, 44% of uninsured Americans said they had heard little to nothing about Obamacare’s individual tax penalty, according to a poll by the Urban Institute.

There’s a twist, however: To qualify for the extension, you must be subject to the tax penalty, according to the Department of Health and Human Services. But most Americans who are still uninsured could qualify for an exemption from the tax. Take it, and you don’t get more time to buy health coverage for this year.

The Choice

There are more than two dozen ways to get out of paying the Obamacare penalty: you earn less than the tax filing threshold, your cheapest plan costs more than 8% of your income, you were uninsured for less than three months, you filed for bankruptcy, or you had some other hardship.

Altogether, the government estimates that only 2% to 4% of taxpayers will owe the fee. Another 10% to 20% are uninsured but are exempt from the penalty. Those taxpayers have two options:

  1. Pay the tax for 2014 and buy health coverage for 2015 during the special enrollment period, which has the added benefit of getting you out of the penalty next year.
  2. Claim an exemption from the tax for 2014 and go without health insurance again in 2015 (and potentially face the tax again next year).

“The taxpayer needs to make a choice,” says Tara Straw, senior policy analyst at the Center on Budget and Policy Priorities. “It would seem a no-brainer, a week ago, that you would claim an exemption if you were eligible for it. But now, there really should be a discussion about whether it’s better to take the exemption someone is eligible for, or pay a penalty and have a special enrollment period.”

The Potential Penalty

The penalty for being uninsured for all of 2014 is either $95 per person in your family (capped at $285), or 1% of your income (capped at the price of the average premiums for a bronze plan), whichever is higher.

H&R Block has found that so far, the average Obamacare penalty for its clients is $172, decreasing the average refund by 5%.

“It’s definitely a significant amount of money for people who might be low-income and might have a lot of plans and expectations for what they might do with the tax refund,” Straw says. “But we need to weigh that against the fact that the penalty next year is much higher.”

In 2016, the penalty will be either $325 per person in your family (capped at $975), or 2% of your income (capped at the price of the national average premium for a bronze plan in 2015—to be determined), whichever is higher.

The Bottom Line

Are you faced with this choice? Keep in mind that health insurance may be less expensive than you think. If your income is less than 400% of the federal poverty level—$95,400 for a family of four in 2015—you’ll likely qualify for a subsidized premium.

HHS found that 87% of the people who bought an Obamacare plan qualified for this tax credit, bring the price of health insurance down to an average of just $82 a month. Use the Kaiser Family Foundation’s calculator to get an estimate of your costs.

Also, if your income is less than 133% of the poverty line—$15,654 for a single person in 2015, $32,253 for a family of four—you could qualify for Medicaid. You can sign up for Medicaid any time during the year, Straw says.

“It’s unfortunate that some people might be put in this position, but at the end of the day, if someone can enroll in coverage and avoid paying a penalty for 2015, that’s still a good deal,” Straw says.

MONEY privacy

Your Embarrassing Online Searches About Health Problems Aren’t Private

camera aimed at laptop
Thomas Jackson—Getty Images

A new study found that 91% of health-related web pages reveal potentially sensitive information to third parties like data brokers and online advertisers.

Hypochondriacs beware: That Google search for “STD symptoms” could go into your digital dossier.

A new study has found that health-related web pages often leak information about you and the information you access to third parties, raising concerns about online privacy.

To conduct the study, University of Pennsylvania PhD student Timothy Libert analyzed the top 50 search results for 1,986 common diseases, some 80,000 web pages. He found that on 91% of the pages, third parties like social networks, advertisers, and data brokers could access information about who was viewing the page, like the user’s IP address. On 70% of the pages, those third parties could see information about specific “conditions, treatments and diseases” viewed.

Altogether, 78% of the health-related web pages sent information about you to Google, 31% sent information to Facebook, and 5% sent information to Experian, a credit bureau and data broker.

What’s the big deal? Libert has two major concerns about these practices. The first is that the third parties could match you with your medical search results, a problem he calls “personal identification.” This isn’t a totally imaginary scenario—data brokers routinely collect information about you from your online activity, shopping habits, and public records, then turn around and sell that information to advertisers. That already includes sensitive medical information: One data broker was caught hawking lists of “rape sufferers,” “domestic abuse victims” and “HIV/AIDS patients.”

Second, advertisers could discriminate against you based on your medical searches, regardless of whether your search results are ever connected to you personally. That’s called “blind discrimination.” In other words, advertisers could serve you certain ads and offer you certain promotions based on the websites you read. Again, this practice can be innocuous, but it can also have a dark side. “It’s like any other form of discrimination,” Libert says. “If you’re going to extend a favorable offer to somebody, your best client probably isn’t somebody with terminal cancer.”

The tech-savvy might think their searches are private because they delete cookies or use a private browser, like Google Chrome’s “incognito mode.” Sorry, but no.

That’s because of the way websites work. Libert explains that a web page is like a recipe. The code says, “display an image from this file” or “play this video from Youtube.” To pull in content from another website’s server—like a video from Youtube—your server makes a “request” to that third-party server, and reveals information about you in the process. For example, the third party can see the name of the webpage you’re visiting, which may sound harmless, but can reveal a lot. You might not, for example, want advertisers and data brokers to know that you recently read “www.cdc.gov/hiv”.

“Even if you’re using incognito mode or something, the HTTP requests, at the very basic level, are still being made,” Libert says.

And you usually don’t even know it’s happening. While you can see evidence of some third-party requests, like Youtube videos and Facebook “like” buttons, Libert says most requests are bits of code invisible to the non-programmer’s eye.

Legally, this is all aboveboard. The HIPAA law protecting medical privacy only applies to medical services like insurance claims, not other businesses.

So while Libert wants lawmakers to beef up online privacy protections, he says in the meantime, your best bet is to install a browser extension like Ghostery or Adblock Plus.

“They don’t catch everything, but they catch a lot,” Libert says.

MONEY Health Care

The Obamacare Open Enrollment Deadline Has Been Extended

pill container
Getty Images

You can get more time if you tried to buy health insurance on the federal marketplace—but some states are offering more generous grace periods.

Did you miss the February 15 deadline to buy health insurance for 2015? The Department of Health and Human Services announced that you may have one more week to get insured.

If you tried to buy health coverage on the federal marketplace but couldn’t because of long wait times or website glitches, you may qualify for this special enrollment period. If you bought health insurance through the federal marketplace last year, however, you will not be allowed to make any changes to your coverage during this one-week extension.

Try again by going back to HealthCare.gov from now through February 22. You’ll need to attest that you couldn’t enroll by the deadline because of a website or call center problem.

After the deadline, that’s it—you won’t be able to buy individual health insurance for 2015 unless you have you have a “qualifying life event,” like marrying, divorcing, having a baby, moving, or losing your health coverage.

If you live in one of the 13 states with their own exchanges or the District of Columbia, the rules are a little different. Most states have announced extensions of some sort. In some states, you get more time only if you tried to sign up before February 15; in others, everyone has more time. Check acasignups.net for a good round-up of state policies.

Washington state currently offers the longest deadline extension: Residents have until April 17 to enroll. “This is the first year that residents may incur a tax penalty for not having health insurance under the Affordable Care Act,” Richard Onizuka, chief executive officer of Washington’s exchange, told the Wall Street Journal. “This special enrollment window will allow these individuals—as well as those who experienced difficulty completing their applications—additional time to get enrolled for 2015 coverage.”

That’s right: If you were uninsured in 2014, you could owe a penalty on your taxes this year. This year, the penalty is either $95 per person in your family (capped at $285), or 1% of your income (capped at the price of the national average premium for a bronze plan), whichever is higher. Go uninsured in 2015 too, and you could owe even more next year.

For more on buying a policy for 2015, check out this full guide to Obamacare open enrollment.

Your browser is out of date. Please update your browser at http://update.microsoft.com