Hospitals disclosing private health data to Big Tech: You may be affected.
Do you have a Facebook, Google, TikTok, or Microsoft account? Have you used a hospital website or patient portal within the last two years? If you have, your data may have been sent to Big Tech platforms in violation of HIPAA data protection rules, and you can join our class action lawsuit investigation into these data practices.
Meta, the parent company of Facebook, as well as TikTok, Google, and Microsoft have been under scrutiny for their practice of collecting the sensitive health information of users of the websites of healthcare providers, including hospitals. These hospitals collect website users’ private health data through bits of code known as “pixels,” which are embedded in the hospital websites and patient portals. Pixels allow websites to track visitor activity including clicks, page views, keystrokes, and other actions, and often share the users’ sensitive health information, including information about medical conditions, treatments, and prescriptions. These companies profit from sensitive health information by using it to sell advertisements relating to health conditions.
An investigation by The Markup found that one third of top hospitals’ websites shared patient health data with Facebook through the Meta Pixel.
Consumers who have an online account with a hospital and have used its website or patient portal may have had their information unlawfully shared without their consent in violation of HIPAA and other privacy laws.
Do you qualify?
You may qualify for this health data sharing class action lawsuit investigation if you have a Facebook, TikTok, Google, or Microsoft account and used a hospital website or patient portal within the last two years.
Fill out the form on this page for more information.
What are pixel trackers?
A pixel is a bit of code that is inserted into a website to record information about visitors, including the actions they take on the website. A website may contain multiple pixel trackers, each one corresponding to and sending information to a different company.
The most common pixel is the Meta Pixel, a JavaScript snippet that collects and shares user activity with Meta. The plugin can then be used to customize advertisements and other features. According to Facebook’s 2018 response to a congressional questioning, there were 2.2 million Pixels installed on websites across the internet.
Information gathered through Meta Pixels is then linked to active Facebook accounts. This may result in the unlawful sharing of sensitive information, including health data protected by the Healthcare Insurance Portability and Accountability Act (HIPAA).
TikTok, Google, Microsoft, and other big tech companies have their own pixels that are nearly identical in function to the Meta pixel. Each of these pixels tracks and shares the activities of website users. As a result, each of these companies potentially collects sensitive and HIPAA-protected health information from users of healthcare-related websites.
How does HIPAA protect patient data?
HIPAA is a federal law that protects a range of patient health information. Under HIPAA, healthcare providers and health plans cannot disclose this sensitive data without individual authorization.
HIPAA specifically prohibits healthcare entities from selling or disclosing protected health information for marketing use without first obtaining patient consent. Unfortunately, numerous hospital and telehealth websites may violate these regulations through Meta Pixels.
Which healthcare companies shared health data with Facebook?
In June 2022, The Markup released an article announcing that it “tested the websites of Newsweek’s top 100 hospitals in America. On 33 of them we found the tracker, called the Meta Pixel,” which sent Facebook sensitive health data generated by users of the hospital websites. Additionally, The Markup found the Meta Pixel installed inside the password-protected patient portals of seven health systems and documented the pixel sending Facebook sensitive health data about real patients.
This concerning tracking gained the attention of national representatives. In October 2022, Senator Mark Warner of Virginia wrote a letter to Meta CEO Mark Zuckerberg expressing his concern over Meta Pixels installed on hospital websites. A bipartisan group of senators sent subsequent letters to Monument, Workit Health and Cerebral asking for more information about their data sharing. The Federal Trade Commission (FTC) took additional action against online pharmacy GoodRx by seeking a court order to prevent data sharing, contending that the pharmacy discount website shares sensitive health information through Meta Pixels and other trackers.
Join a pixel healthcare website class action lawsuit investigation
If you have a Facebook, TikTok, Google, or Microsoft account and used a hospital website or patient portal within the last two years, you may qualify to participate in this health data sharing class action lawsuit investigation.
Fill out the form here for a FREE case evaluation.
The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving consumer protection. More information about our current cases and investigations is available on our blog.