Overview

A recent article exposed that 33 top US hospitals have been unlawfully misusing sensitive data via Facebook/Meta’s Pixel Tracker. Zimmerman Reed is investigating whether local hospitals and health care providers also unlawfully shared private patient health records.

What exactly are the allegations about what the hospitals and health care providers are doing?

In 2022, the news website The Markup published a report showing that one-third of the top 100 hospitals in the United States embedded Facebook/Meta’s Pixel tool in their website.[i]  This often included adding code to their patient portals and appointment scheduling pages, giving the providers detailed analytics about how people use their websites.

One news organization reported that on hospital websites, these analytics:

“Could include sensitive health information connected to a patient’s IP address. On one hospital website, clicking the scheduling button sent Facebook a doctor’s name and the condition — ‘Alzheimer’s’ — that the appointment was scheduled for.”

Once Facebook/Meta receives this information, it can then be stored and used by advertisers to target patients based on their confidential health information. For example, advertisers could associate Alzheimer’s Disease with that particular person and target them for advertisements specific to that condition.

Protecting the privacy of everyone’s digital health records is important for several reasons:

  1. To prevent unauthorized access and potential harm to individuals;
  2. To maintain public trust and confidence in the healthcare system; and
  3. State and federal laws obligate health care providers to comply with privacy laws.

Am I affected?

Zimmerman Reed is currently working with data privacy experts to investigate practices of local hospitals and health care providers to determine if digital health records were unlawfully shared with Facebook/Meta and advertisers.

To check on your hospital or provider, please submit a Free Case Review Form to determine if your digital health records may have been compromised or shared with online advertisers.

What has happened since these privacy invasions have been made public?

Some hospitals and health care providers have discontinued the use of Pixel software in light of these recent disclosures. Novant Health, an operator of hospitals, clinics, and medical facilities, recently announced that it may have exposed the health records of as many as 1.3 million patients after being contacted by a reporter learning of their disclosures.

Several lawsuits have been filed against hospitals and health care providers, alleging violations of HIPPA over the impermissible collection, disclosure, and use of data collected via Meta Pixel, which claim has been used to serve patients with targeted adverts related to their medical conditions. (HIPPA – The Health Insurance Portability and Accountability Act – is a US federal law enacted in 1996 that sets standards for protecting the privacy and security of individuals’ medical information.) Cases have been filed in various states. However, most of these lawsuits have been filed in California, which has some of the nation’s strongest data privacy laws.

What should I do?

With the growing threats posed by data breaches and cyber-attacks, it’s crucial to protect your personal health information – and to respond if another actor threatens to expose that personal information.

Complete a Free Case Review Form by clicking the button below to determine if your digital health records may have been unlawfully disclosed with online advertisers. Don’t wait—take steps to secure your digital health records today.

Free Case Review Form Below