Hospitals – despite being places where people implicitly expect to have their personal details kept private – frequently use tracking technologies on their websites to share user information with Google, Meta, data brokers, and other third parties, according to research published today.
"It's shocking, and really kind of incomprehensible," said Dr Ari Friedman, an assistant professor of emergency medicine at the University of Pennsylvania, who – along with Matthew McCoy, Angela Wu, Sam Burdyl, Yungjee Kim, Noell Kristen Smith, and Rachel Gonzales – authored the paper.
To find the trackers on websites, the team checked out each hospitals' homepage on January 26 using webXray, an open source tool that detects third-party HTTP requests and matches them to the organizations receiving the data.
Both Meta and Google's tracking technologies have been the subject of criminal complaints and lawsuits over the years – as have some healthcare companies that shared data with these and other advertisers.
But if they do have a privacy policy, they better make sure their processes on deleting personal information upon request, for example, follow the government polices – or they could face the wrath of regulators like the Federal Trade Commission.
Mass General Brigham ended up paying an $18.4 million settlement to resolve a class action lawsuit that alleged the institutions shared personally identifiable information about patients to Facebook, Google, and other companies.
The original article contains 973 words, the summary contains 226 words. Saved 77%. I'm a bot and I'm open source!