Facebook might be collecting your protected health information (PHI), according to a recent lawsuit.
Meta, Facebook’s parent company, is facing a lawsuit alleging that Meta has scraped private health data from hundreds of hospital websites.
We can help your practice get up to date and prepared to minimize breach risks from third-party vendors. Subscribe to stay current and up to date on important matters that will impact your practice. (To subscribe to our blog click here).
Allegedly, Meta has used its Meta Pixel tracker to take patient data from hospital websites.
A recent report found that Meta Pixel allows websites to track visitor activity and has been used on hundreds of hospital sites.
Meta Pixel can collect anything in HTTP headers, click data, form field names and more.
Packets of patient portal data were allegedly sent to Facebook whenever someone clicked a button to schedule a doctor’s appointment. Facebook also was receiving PHI related to medical conditions and doctor’s names.
The current lawsuit alleges that millions of patients have had their rights to privacy violated by Meta.
Healthcare organizations should also be concerned, as they are covered entities and cannot release information to Meta without a HIPAA release.
Should the government decide to investigate, healthcare organizations could potentially face HIPAA audits related to these allegations.
If you have any questions about your HIPAA obligations or business associates, contact Rickard & Associates today!
We know you’re busy. Subscribe to our blog to get updates and news sent directly to your inbox!
We publish vital information on health law topics and news every Wednesday and Friday. To get this important information delivered directly to your mail box, subscribe today!
Do you need help with updating your Business Associate Agreement or negotiating contracts with third-party vendors? We can help. To contact us about your Business Associate Agreement, your vendor contracts or your other legal needs, call us today.