Pixelated: The (Continuous) Great Harvest Of Your Medical Records

The CDC states, “The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge.” That’s over. Your data is NOT protected nor is it private. Don’t sign another HIPAA agreement by any healthcare provider. ⁃ TN Editor

STORY AT-A-GLANCE

> Facebook’s Meta Pixel was found on 33 hospital websites, sending Facebook information linked to an IP address, which identifies individual computers and may be traceable back to an individual or household

> The pixel tracks what doctors are searched for and health-related search terms added to search boxes or selected from dropdown menus

> The Meta Pixel was found in patient portals from seven health systems; data being collected included names of medications being taken, descriptions of allergic reactions and upcoming doctors’ appointments

> More than 26 million patient admissions and outpatient visits have been shared by the 33 hospitals using Meta Pixels, and that’s likely conservative

By now, most people are aware that if they “like” a certain page on Facebook, it gives the social media giant information about them. “Like” a page about a particular disease, for instance, and marketers may begin to target you with related products and services.

Facebook may be collecting sensitive health data in far more insidious ways as well, however, including tracking you when you’re on hospital websites and even when you’re in a personal, password-protected health information portal like MyChart.1

It does this via pixels, which may be installed without your knowledge on websites you visit. They can collect information about you as you browse the web, even if you don’t have a Facebook account.

Meta Pixel Found on Hospital Websites

In particular, the Meta Pixel is a piece of JavaScript code that developers can add to their website to track visitor activity.2 According to Meta:3

“It works by loading a small library of functions which you can use whenever a site visitor takes an action (called an event) that you want to track (called a conversion). Tracked conversions appear in the Ads Manager where they can be used to measure the effectiveness of your ads, to define custom audiences for ad targeting, for dynamic ads campaigns, and to analyze that effectiveness of your website’s conversion funnels.”

Even hospitals are opting into the data trackers, as evidenced by an investigation by The Markup, which tested websites from Newsweek’s top 100 U.S. hospitals. Facebook’s Meta Pixel was found on 33 of the websites, sending Facebook information linked to an IP address, which identifies individual computers and may be traceable back to an individual or household.

The pixel tracks not only the IP address of the computer being used but also what doctors are searched for and search terms added to search boxes or selected from dropdown menus. The Markup reported:4

“On the website of University Hospitals Cleveland Medical Center, for example, clicking the “Schedule Online” button on a doctor’s page prompted the Meta Pixel to send Facebook the text of the button, the doctor’s name, and the search term we used to find her: “pregnancy termination.”

Clicking the “Schedule Online Now” button for a doctor on the website of Froedtert Hospital, in Wisconsin, prompted the Meta Pixel to send Facebook the text of the button, the doctor’s name, and the condition we selected from a dropdown menu: “Alzheimer’s.””

Read More – Pixelated: The (Continuous) Great Harvest Of Your Medical Records

Leave a Reply

Your email address will not be published. Required fields are marked *