Updated: 16 minutes agoA CVS pharmacy store in San Francisco, California, U.S., on Monday, May 2, 2022.
“Having something like Facebook trackers all over your website is pretty egregious from a privacy standpoint,” said Justin Sherman, founder of Global Cyber Strategies, an advisory firm. Representatives from Cigna, UnitedHealth, Adobe and Quantum Metric declined or didn’t respond to requests for comment.Privacy advocates warn that trackers on health websites and apps might expose intimate details of people’s lives - Viagra prescriptions, pregnancy, mental health treatment - to advertisers and data brokers without patients’ consent.
Hospital groups challenged the health agency’s position in court, arguing that it overstepped its authority and pointing out that some government websites used similar technology. In June, a Texas judge ruled against HHS, limiting the agency’s power to penalize health-care companies for using trackers.Trackers that collect personal data are ubiquitous across the internet. Sometimes called pixel trackers, these bits of code are hidden to most people.
On health websites that handle sensitive data, trackers raise heightened privacy concerns and may violate federal rules intended to protect patients’ medical information, Sherman and other cybersecurity experts say. Google said customers of its measurement tools, like Google Analytics, own the data collected and the company itself does not use the data for the search engine’s own ad targeting. Its policies bar customers from using Google Analytics to collect protected health information and also prohibit advertising based on people’s health or other sensitive information, a Google representative said.