Hospital websites often use tracking technologies that can capture user information and transmit it to third parties such as Google or Snapchat.
According to HHS, HIPAA-regulated entities are not allowed to use tracking technologies in a way that would share private health information with companies that provide these kinds of technologies.
In this study, conducted by researchers at Philadelphia-based University of Pennsylvania, 100 non-federal acute care hospitals’ websites were analyzed between November 2023 and January 2024 to assess if they have easy-to-find privacy policies and if those policies tell users about third-party tracking.
The researchers found that 96% of hospital websites shared user data with third-parties, but only 71% had a privacy policy. Among those with such a policy, 56% shared the third-party companies with which they share information.
