Healthcare websites continue to transmit patients' personal and health data to Big Tech companies, Bloomberg reported.
Cybersecurity firm Feroot Security examined hundreds of healthcare and telehealth sites and found that 86% collect and send data without the user's consent while 73% of their login and registration pages have trackers that can expose health information, according to the Oct. 17 story. About 15% of the consumer-tracking pixels can read and collect a user's keystrokes, enabling them to identify names, Social Security numbers and medical diagnoses and treatments, the company said.
The most common consumer-tracking pixels were from Google, Microsoft, Meta Platforms and TikTok parent company ByteDance, the report found. Google, Microsoft and Meta denied to Bloomberg that the tools were collecting sensitive data, while TikTok didn't respond to the news outlet's request for comment.
Hospitals and health systems across the country have faced class-action lawsuits in recent months, with some agreeing to multimillion-dollar settlements, over their use of the tracking pixels. HHS has warned that their use could violate HIPAA, and sent out warning letters about them in July to 66 hospitals and health systems.