Vast majority of US hospital websites are sharing visitor data with Big Tech companies

[Shawn Knight]

Facepalm: HIPAA privacy rules are a big deal in the healthcare industry, and it only seems natural that those protections would extend to all aspects of a patient's experience. According to a recent study, however, privacy pretty much goes out the window when visiting a hospital's website. Unsurprisingly, it all boils down to ad money.

Researchers from the University of Pennsylvania recently analyzed 100 non-federal acute care hospitals (those with an emergency room) across the country and found that a whopping 96 percent transmitted user information to third parties. If that weren't bad enough, the team was only able to find publicly accessible privacy policies on 71 percent of sites.

On websites with privacy policies, just over half (56.3 percent) disclosed that a third-party would receive user data.

Ari Friedman, an assistant professor of emergency medicine at the University of Pennsylvania and an author of the study, told The Register that the findings are incomprehensible. That said, it is not terribly surprising.

Last year, the same researchers published a similar study that looked at 3,747 hospital websites. That report determined that 98.6 percent of sites tracked and transferred user data to a variety of third parties including data brokers, advertising firms, and social media companies – all of which are in the business of using detailed data to sell targeted ads.

The researchers used an open-source tool called webXray to detect third-party HTTPS requests and match them with companies receiving the data.

Friedman said that in every study they have conducted – across all facets of the health care system – one name is "on nearly every page, including hospitals." Google. The team found Meta on more than half of hospital pages it analyzed, while Adobe received data from 20 to 30 percent of sites. Other tech giants sourcing data from hospital websites included Amazon, Microsoft, Oracle, and Verizon, Friedman added.

In lieu of federal data privacy laws, it's up to consumers to do all they can to protect their data online.

Image credit: Pixabay, Marija Zaric

Permalink to story:

Vast majority of US hospital websites are sharing visitor data with Big Tech companies

 

[maxxcool7421]

A vast majority run windows 7 and XP ... so sharing is really a ''choice'' . DLP can prevent some leakage but overall hospital networks are the worse secured things on earth from my time in AV

 

[yRaz]

HIPAA doesn't apply to visitors, only patients. Unless the website is somehow providing big tech with patient's health records then they aren't doing anything illegal under HIPAA.

 

[NumberNine]

I was a healthcare sysadmin. Like most businesses, unless there are fines or a lawsuit they are 100% focused on processing patients and getting that money.

 

[DefNotAbot]

A vast majority run windows 7 and XP ... so sharing is really a ''choice'' . DLP can prevent some leakage but overall hospital networks are the worse secured things on earth from my time in AV

HIPAA also requires, as I understand it, that hospital (or any patient data-containing platforms) be run on currently-supported software. You might see XP or 7 on an old MRI machine’s console, but that shouldn't be outward-facing.

 

[someusernam]

There is a reason why so many free web development frameworks exist. Probably those hospitals' admins aren't even aware of how much tracking is on their websites or where the info goes.

 

[Dimitrios]

Keep an eye on AI and Equity in the coming years. How did water equity work in Hawaii lately?

 

[OortCloud]

Google and Meta are the most pernicious of companies. The damage these two organisations have done to society in the name of money is almost immeasurable. Their deeply deceptive 'free' business model set a trend that unfortunately more and more companies have tried to follow. They both need breaking up and massive regulation.

 

[Dimitrios]

Google and Meta are the most pernicious of companies. The damage these two organisations have done to society in the name of money is almost immeasurable. Their deeply deceptive 'free' business model set a trend that unfortunately more and more companies have tried to follow. They both need breaking up and massive regulation.

They want to pump out their own propaganda. Youtube has gotten worse with me when it comes to exposing the truth. They don't like the research I do about Capt J. Pelletier', Bama's FOIA on his chef, Hunter paintings that match the ones on the plywood on abandoned buildings, Acorn, Cuomo, LockheedMartinWeapon and now Bama's secret sauce puppet Festerman with Oprah. It's good to see people like you that notice these things.