Dozens of third-party sites embedded in HealthCare.gov are raising concerns about the privacy of user's personal information, according to The Detroit News.
Web monitoring company Catchpoint Systems detected 50 third-party connections to the government site, according to the report. The sites are primarily advertisers and Web analytics sites such as Google, Facebook and Twitter.
The third-party connections cannot access a person's name, birthday or Social Security number, but they can see age, income, zip code and whether one smokes or is pregnant. They may also be able to pair this information with other Internet browsing activity, according to the report.
Medicare spokesman Aaron Albright said the third-party connections track HealthCare.gov's performance and the companies cannot use any information gleaned from the site for their own purposes, according to the report.
Embedding third-party connections to track performance is standard. However, consultants are concerned about the high number of vendors embedded in the site, according to the report.
"Vendor management can often be the weakest link in your privacy and security chain," Theresa Payton, former White House CIO and corporate cybersecurity consultant, said in the report.
More articles on health IT:
Arkansas lawmakers file bill to ban telemedicine abortions
12 recent vendor contracts, go-lives
6 steps to optimizing your EHR