Facebook is Receiving Sensitive Medical Information From Hospital Websites – the Markup
upstart writes:
A tracking tool installed on many hospitals' websites has been collecting patients' sensitive health information-including details about their medical conditions, prescriptions, and doctor's appointments-and sending it to Facebook.The Markup tested the websites of Newsweek's top 100 hospitals in America. On 33 of them we found the tracker, called the Meta Pixel, sending Facebook a packet of data whenever a person clicked a button to schedule a doctor's appointment. The data is connected to an IP address-an identifier that's like a computer's mailing address and can generally be linked to a specific individual or household-creating an intimate receipt of the appointment request for Facebook.
[...] The Meta Pixel sends information to Facebook via scripts running in a person's internet browser, so each data packet comes labeled with an IP address that can be used in combination with other data to identify an individual or household.
HIPAA lists IP addresses as one of the 18 identifiers that, when linked to information about a person's health conditions, care, or payment, can qualify the data as protected health information. Unlike anonymized or aggregate health data, hospitals can't share protected health information with third parties except under the strict terms of business associate agreements that restrict how the data can be used.
In addition, if a patient is logged in to Facebook when they visit a hospital's website where a Meta Pixel is installed, some browsers will attach third-party cookies-another tracking mechanism-that allow Meta to link pixel data to specific Facebook accounts.
Read more of this story at SoylentNews.