Stories
Slash Boxes
Comments

SoylentNews is people

posted by hubie on Monday June 20 2022, @06:08PM   Printer-friendly
from the Mark-Zuckerberg,-M.D. dept.

Experts say some hospitals' use of an ad tracking tool may violate a federal law protecting health information :

A tracking tool installed on many hospitals' websites has been collecting patients' sensitive health information—including details about their medical conditions, prescriptions, and doctor's appointments—and sending it to Facebook. The Markup tested the websites of Newsweek's top 100 hospitals in America. On 33 of them we found the tracker, called the Meta Pixel, sending Facebook a packet of data whenever a person clicked a button to schedule a doctor's appointment. The data is connected to an IP address—an identifier that's like a computer's mailing address and can generally be linked to a specific individual or household—creating an intimate receipt of the appointment request for Facebook.

[...] The Meta Pixel sends information to Facebook via scripts running in a person's internet browser, so each data packet comes labeled with an IP address that can be used in combination with other data to identify an individual or household.

HIPAA lists IP addresses as one of the 18 identifiers that, when linked to information about a person's health conditions, care, or payment, can qualify the data as protected health information. Unlike anonymized or aggregate health data, hospitals can't share protected health information with third parties except under the strict terms of business associate agreements that restrict how the data can be used.

In addition, if a patient is logged in to Facebook when they visit a hospital's website where a Meta Pixel is installed, some browsers will attach third-party cookies—another tracking mechanism—that allow Meta to link pixel data to specific Facebook accounts.

[...] Houston Methodist Hospital, in Texas, was the only institution to provide detailed responses to The Markup's questions. The hospital began using the pixel in 2017, spokesperson Stefanie Asin wrote, and is "confident" in Facebook's safeguards and that the data being shared isn't protected health information.

[...] Asin added that Houston Methodist believes Facebook "uses tools to detect and reject any health information, providing a barrier that prevents passage of [protected health information]."

[...] "The evil genius of Facebook's system is they create this little piece of code that does the snooping for them and then they just put it out into the universe and Facebook can try to claim plausible deniability," said Alan Butler, executive director of the Electronic Privacy Information Center. "The fact that this is out there in the wild on the websites of hospitals is evidence of how broken the rules are."


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: -1, Spam) by Anonymous Coward on Tuesday June 21 2022, @06:24PM

    by Anonymous Coward on Tuesday June 21 2022, @06:24PM (#1254976)

    Guess what Dalek? YOU LOSE, hosts work vs. Symbiote C2 server(s) per this line from a MUCH better article than the one used here from bradley13 per "configuration in the binary that used the git[.]bancodobrasil[.]dev domain as its C2 server" from https://www.intezer.com/blog/research/new-linux-threat-symbiote/ [intezer.com] (INTEZER's now owned by Microsoft iirc as well).

    & did I block that in my original posts here https://soylentnews.org/comments.pl?noupdate=1&sid=49835&page=1&cid=1253504#commentwrap [soylentnews.org] on this BOGUS sockpuppet upmodding yourselves shithole website (which also noted FIREWALLS are invaluable here too, per wildcards (or even IP address use, URL domain/subdomain too in many as well)?

    YES I DID! I was correct...

    & YES, hosts work vs. this threat too stupid!

    FACT: hosts files block symbiote C2 servers which is all you really need to do to nullify their communication.

    FACT: Exfiltration isn't possible without orders either.

    FACT: Orders come from C2 servers!

    So YOU LOSE chump... a BETTER ARTICLE than what I used proves it for me!

    * THANKS FOR LOSING TO ME yet again, as always for you... try me again? THIS COMES UP AS PROOF (as well as another I have on YOU regarding using sources where YOU contradict yourself - want quotes of that too? ASK!)

    HOW ESPECIALLY EMBARASSING FOR YOU with your NO-DOUBT self-upmodded by sockpuppet accounts of YOURSELF too - now that YOU have EGG ON YOUR FACE fucko!

    APK

    P.S.=> Do yourself a FAVOR - don't ever, EVER try me ever again OR I WILL MAKE SURE YOU SHIT ON YOURSELF yet again as always, easlly... apk

    Starting Score:    0  points
    Moderation   -1  
       Spam=1, Total=1
    Extra 'Spam' Modifier   0  

    Total Score:   -1