A lawsuit was filed Jan. 10 accusing Cincinnati-based Christ Hospital of sending patient information to Meta and other third parties using code on their website, ABC affiliate WCPO reported.
The line of code tracked and disseminated patient's activity on the hospital website, including search histories for physicians, patients' IP addresses and the types of illnesses or injuries they were seeking treatment information for. This information was allegedly collected through Meta Pixel — the JavaScript code that tracks website activity — to disseminate information to third parties for targeted advertising. The hospital did not inform patients on the website that their information was being collected, the lawsuit said.
Disseminating a patient's IP address is a violation of HIPPA, according to the report. The lawsuit also alleges that patient information through MyChart may have been compromised.
The plaintiff has remained anonymous but the lawsuit aims to represent any Christ Hospital patient who believes their personal information was compromised while using the hospital website, and requests Christ Hospital face a jury and pay damages of over $25,000 and, if allowed, punitive charges.
"At the Christ Hospital Health Network, protecting our patient's privacy is a top priority," a Christ Hospital spokesperson told WCPO. "The Christ Hospital Health Network does not sell patient information to Facebook or anyone. We are investigating the claim but due to pending litigation, we cannot make any further comment at this time."