Be Aware: ‘Big Tech’ Could Be Mining Your Systems for Sensitive Patient Information

A class action lawsuit filed by a John Doe plaintiff alleges that Meta, parent company of Facebook, has been peeking into the records of at least 644 hospital systems or “medical provider web properties.” As reported in Healthcare Dive, the suit comes on the heels of an investigative report by The Markup and Stat News that revealed specific instances in which Meta’s Pixel tracking tool dug up highly sensitive patient information that winds up in the hands of advertisers who then targeted the corresponding patients. One such instance involved a patient whose physician name and search term data (ie, “pregnancy termination”) were sent from the University Hospitals Cleveland Medical Center’s website to Facebook. Pixel enables websites to target and optimize advertisements. The Healthcare Dive piece also notes that WebMD’s parent company was hit with its own class action suit charging that Pixel disclosed private information of WebMD users by tracking targeted video advertisements in violation of the Video Privacy Protection Act. While it may not be possible to uncover and eliminate every piece of cyber surveillance on systems beyond your control, it is essential to implement whatever safeguards you can to protect both patient and corporate data. Read Education Is Key to Avoiding Increasingly Sophisticated Cyber Crime in the JUCM archive to see if you’re up to speed.