Around the Web

How Did This Happen? Understanding the Issue of Third-Party Tracking Tech in Healthcare

Jill McKeon, for Health IT Security:

In June 2022, journalists discovered that a third of Newsweek’s top 100 hospitals in America had the Meta Pixel installed on their websites, which allegedly sent a packet of data to Facebook whenever a visitor clicked a button to schedule a doctor’s appointment. …

The Markup, also observed the Meta Pixel operating inside the password-protected patient portals of seven health systems, sending patient names, medication information, and appointment details to Facebook. …

Following the article’s publication, an influx of breach notifications and lawsuits rolled in, with hospitals across the country admitting that tracking tech originally installed to measure and evaluate website visitor trends had inadvertently been disclosing sensitive information to tech companies such as Meta and Google.

In the year since these discoveries were made, healthcare data security and privacy experts have raised concerns not only about why this technology remains so widespread across healthcare, but why many hospitals were not even aware that this tech was quietly operating on their systems for years.

Understanding the root causes of this issue requires a deep dive into what this tracking tech promises to provide its customers, and the communication, technical, and regulatory gaps that contributed to this problem going unnoticed at some healthcare organizations.