Medical Spa Customer Data Sharing Class Action Lawsuit Investigation

Medical spas disclosing private health data to Big Tech: Who’s affected?

Do you have a Facebook, Google, TikTok, or Microsoft account? Have you used a medical spa within the last two years?

Meta, the parent company of Facebook, as well as TikTok, Google, and Microsoft have been under scrutiny for their practice of collecting the sensitive health information of users off the websites of healthcare providers. These companies collect website users’ private health data through bits of code known as “pixels,” which are embedded in the websites of healthcare providers. Pixels allow websites to track visitor activity including clicks, page views, keystrokes, and other actions, and often share the users’ sensitive health information, including information about medical conditions, treatments, and prescriptions. These companies profit from sensitive health information by using it to sell advertisements relating to health conditions.

Consumers who have an online account with a medical spa and have used their website may have had their information unlawfully shared without their consent in violation of HIPAA and other privacy laws.

Do you qualify?

You may qualify for this health data sharing class action lawsuit investigation if you have a Facebook, TikTok, Google, or Microsoft account and used a medical spa website or patient portal within the last two years.

Fill out the form on this page for more information.

What is a Medical Spa?

The American Med Spa Association defines a medical spa as a hybrid between an aesthetic medical center and a day spa. Medical spas provide non-invasive (i.e., non-surgical) aesthetic medical services under the general supervision of a licensed physician. The services are performed by trained, experienced, and qualified practitioners with onsite supervision by a licensed healthcare professional.

Common treatments offered at medical spas include Botox, “vampire” facelifts, dermabrasion, laser hair removal, liposuction, tattoo removal, and similar offerings.

If you are a patron of a medical spa, you have likely booked appointments through its website. If so, your sensitive medical information may have been shared with Facebook, Google, and/or Microsoft.

What are pixel trackers?

A pixel is a bit of code that is inserted into a website to record information about visitors, including the actions they take on the website. A website may contain multiple pixel trackers, each one corresponding to and sending information to a different company.

The most common pixel is the Meta Pixel, a JavaScript snippet that collects and shares user activity with Meta. The plugin can then be used to customize advertisements and other features. According to Facebook’s 2018 response to congressional questioning, there were 2.2 million Pixels installed on websites across the internet.

Information gathered through Meta Pixels is then linked to active Facebook accounts. This may result in the unlawful sharing of sensitive information, including health data protected by the Health Insurance Portability and Accountability Act (HIPAA).

TikTok, Google, Microsoft, and other big tech companies have their own pixels that are nearly identical in function to the Meta pixel. Each of these pixels tracks and shares the activities of website users. As a result, each of these companies potentially collects sensitive and HIPAA-protected health information from users of healthcare-related websites.

How does HIPAA protect patient data?

HIPAA is a federal law that protects a range of patient health information. Under HIPAA, healthcare providers and health plans cannot disclose this sensitive data without individual authorization.

HIPAA specifically prohibits healthcare entities from selling or disclosing protected health information for marketing use without first obtaining patient consent. Unfortunately, numerous hospitals and telehealth websites may violate these regulations through Meta Pixels.

Join a Meta Pixel healthcare website class action lawsuit investigation

If you have a Facebook, TikTok, Google, or Microsoft account and used a medical spa website or patient portal within the last two years, you may qualify to participate in this health data sharing class action lawsuit investigation.

Fill out the form on this page for a FREE case evaluation.

The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving consumer protection claims. More information about our current cases and investigations is available on our blog.