Dive Brief:
- The Federal Trade Commission and the HHS’ Office for Civil Rights are warning hospitals and telehealth companies about embedding online tracking technologies on their websites or apps, saying the trackers risk exposing consumers’ personal health data to third parties.
- The trackers, like the Meta Pixel or Google Analytics, collect identifiable information about users and could reveal information about health conditions, diagnoses, treatments, frequency of visits and more, the agencies wrote in a letter to about 130 health systems and telehealth providers.
- The warning marks the latest move from regulators regarding the healthcare industry’s use of tracking technologies, which monitor user behavior on websites. Sharing consumers’ health data with third parties, like advertisers, has been a recent target of FTC oversight.
Dive Insight:
The use of tracking software among healthcare companies is common, according to research and media reports. The technology is used on almost 99% of hospital websites, one study found.
A recent investigation by STAT and the Markup found a significant number of direct-to-consumer telehealth websites were sharing users’ sensitive information with tech companies using these tracking tools. For example, 49 out of 50 of the websites shared which URLs consumers visited, while 35 sent personal information like name and email address and 13 collected data on consumers’ answers to questionnaires.
Regulators have been cracking down on telehealth and digital health companies sharing data with third parties, warning that entitles not covered under the HIPAA privacy law are still subject to other regulations, like the FTC Act and the Health Breach Notification Rule.
The FTC recently fined drug cost tool GoodRx, Teladoc-owned mental health company BetterHelp and fertility app Premom for sharing health data with advertisers.
“The FTC is again serving notice that companies need to exercise extreme caution when using online tracking technologies and that we will continue doing everything in our powers to protect consumers’ health information from potential misuse and exploitation,” Samuel Levine, Director of the FTC’s Bureau of Consumer Protection, said in a statement.