[ad_1]
Two health systems have become the latest healthcare organizations to name a web monitoring tool created by Meta (formerly Facebook) responsible for their data breaches. This comes as the social media giant faces a growing number of lawsuits alleging the device collects and sells patient health information.
The two most recent, announced in mid-October, involved a Meta tracking tool called Meta Pixel. A Meta Pixel is a snippet of JavaScript code that allows companies to track visitor activity on their website. It works by loading a small library of functions that companies can use every time a site visitor works. What makes the tool useful is that in addition to tracking web activity, it sends some of the data it collects to Meta.
According to research a Counseling, Meta Pixel is widely used nowadays. In order to understand the extent of the use of the device in hospitals, the site tested the websites of Newsweek’s top 100 hospitals in the United States. The researchers found that 33 sites have Meta Pixel in place, and seven major health systems use the tool in patient portals.
However, Meta is facing backlash regarding the data that Meta Pixel sends home, and how it uses the data.
One hospital chain accusing Meta Pixel of the data breach is Advocate Aurora Health, which operates 26 hospitals across Wisconsin and Illinois. AAH only informed its patients that due to a misconfiguration of the Pixel version, the health system exposed the personal data of 3 million patients.
When patients used the AAH portals available through MyChart and LiveWell – in addition to some of its customized features – the systems appeared to have sent PHI to Meta, especially when users entered the Facebook or Google account.
Another health system that uses Meta Pixel for data generation is the three-hospital chain WakeMed Health and Hospitals, which installed Pixel on its corporate website and MyChart portal in March of 2018.
The health system discovered that Pixel may have shared data entered into MyChart to Facebook. WakeMed executives said they weren’t sure if sensitive patient data had been shared with Facebook, but the tool was disabled in May 2022.
Earlier, in August of this year, hospital chain Novant Health revealed a data breach involving 1.4 million people in which Meta Pixel collected sensitive patient information and sent the data home. .
Meanwhile, Meta has been hit with at least three separate class-action lawsuits alleging that the Meta Pixel tool was involved in illegal data collection.
According to the information inside Health Authority, filed a class action in June against an anonymous patient of Baltimore’s Medstar Health System alleging that Meta violated HIPAA by collecting patient privacy data, including IP addresses, doctor names and practices related to health.
In August, Meta was hit with a second class action lawsuit naming UCSF Medical Center and Health Authority as co-defendants.
In the complaint, the patient alleged that Meta harvested sensitive health information through UCSF and Dignity Health’s patient portals, then sold the data to pharmaceuticals and other companies that fed its ads. according to his health conditions.
Also in August, a patient filed a class action lawsuit against Northwestern Memorial Hospital, alleging that since the provider included the use of the data analyzer in its terms and conditions, The cancellation did not exempt Northwestern from federal privacy protections. It also alleges that Meta violated federal and state data protection laws by collecting and selling private medical information.
The plaintiff is asking for punitive damages of $5 million or more for him and others in similar circumstances.
Get the latest Healthcare and IT news delivered daily
Join the thousands of healthcare and HealthIT partners who subscribe to our daily newsletter.
[ad_2]
Source link
