Hospitals reportedly send private patient information to Facebook, potentially sharing health information with the social network through an ad tracker.
While Facebook is still facing other cases, from massive data theft by hackers to fines for spying on its users, a joint investigation by The Markup and Reveal reveals that many hospital websites have a tracking tool that sends sensitive medical information to Facebook when people book an appointment. More precisely, Facebook would currently collect data on people who visit the websites of hundreds of pregnancy crisis centers.
The MarkUp tested the websites of America’s top 100 hospitals, and found that 33 of them used a tracker called Meta Pixel, which sends Facebook a data packet each time someone clicks or presses a button to book an appointment at the doctor. However, Meta prohibits websites and apps that use Facebook’s advertising technology from sending data to the social network about ” sexual and reproductive health “.
Read also – Meta: you do not know what happens to your personal data? Neither does Facebook.
Facebook knows if its users plan to have an abortion
The survey also focused on 2,500 crisis center websites for pregnant women and found that at least 294 of these sites shared information about their visitors with Facebook. Some sensitive personal data included information about whether a person was considering an abortion or was trying to get emergency contraceptives or a pregnancy test.
Experts say hospitals using the tool could be violating medical data privacy law, the Health Insurance Portability and Accountability Act, or HIPAA. This law does not theoretically prohibit Facebook from sharing data. However, according to one complaint, Facebook tells users that publishers only send data to Facebook if they have the legal right to do so. In other words, Facebook allegedly misrepresented its policy by collecting information from outside websites that weren’t supposed to disclose it.
Neither the hospitals nor Meta said they had such contracts in place., and The Markup found no evidence that hospitals or Meta were otherwise obtaining express consent from patients. ” Facebook knowingly receives patient data, including patient portal usage information, from hundreds of medical providers in the United States who have deployed the Meta Pixel on their websites “says the lawsuit.
Source : The Reveal