Hospital Websites Found Sending Health Data to Facebook

Colin Thierry
Colin Thierry Writer
Colin Thierry Colin Thierry Writer

A significant number of hospitals were found using a tracking tool to collect and send private patient data to Facebook. According to an investigation last month by The Markup, 33 out of 100 hospitals used the Meta Pixel tracker to collect information on prescriptions, medical history, appointments, and other personal details.

The nonprofit newsroom also discovered that a third of the investigated US hospitals sent a packet of data to Facebook whenever a patient made an online appointment. What’s even more alarming is that some hospitals even implemented the Meta Pixel tracker inside the online patient portals that are protected by unique passwords.

Meta Pixel is a tracker that logs your activity on certain websites. It registers what pages you visit, the buttons you click on, what you type into the forms, and much more.

Meta Pixel can identify you through your IP address. Then, it gathers information on your browsing habits and online actions and sends it to advertising giants Facebook and Instagram, who are both owned by Meta. In exchange for installing the tracker, the website owners gain access to analytics that helps them improve their ad placements and target whoever visits their sites.

Additionally, if you’re logged into your Facebook account while browsing one of these websites, most browsers will install tracking cookies to link the data from the Meta Pixel to your Facebook account.

In their report, the Markup revealed that the Metal Pixel collected private, password-protected information. It would log the name of the patient’s doctor, the medical reason for the appointment, descriptions of symptoms and allergic reactions, and even details about the medication. Neither Meta nor the hospitals asked for explicit permission to share this data.

The Meta Pixel tracker would also collect the doctor’s information through the online appointment process. As a result, Facebook would have access to data on your doctor, including their name, phone number, medical specialization, and email address.

“Almost any patient would be shocked to find out that Facebook is providing an easy way to associate their prescriptions with their name,” said Glen Cohen, the faculty director of Harvard Law School’s Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics.

About the Author

About the Author

Colin Thierry is a former cybersecurity researcher and journalist for SafetyDetectives who has written a wide variety of content for the web over the past 2 years. In his free time, he enjoys spending time outdoors, traveling, watching sports, and playing video games.