FTC and OCR Caution Against Use of Online Tracking Technologies

The warning for hospitals and telehealth providers is that these technologies could pose privacy concerns.

By HFT Staff


The Federal Trade Commission and the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) are cautioning hospitals and telehealth providers about the privacy and security risks related to the use of online tracking technologies integrated into their websites or mobile apps that may be impermissibly disclosing consumers’ sensitive personal health data to third parties. 

“When consumers visit a hospital’s website or seek telehealth services, they should not have to worry that their most private and sensitive health information may be disclosed to advertisers and other unnamed, hidden third parties,” says Samuel Levine, director of the FTC’s Bureau of Consumer Protection. “The FTC is again serving notice that companies need to exercise extreme caution when using online tracking technologies and that we will continue doing everything in our powers to protect consumers’ health information from potential misuse and exploitation.” 

“Although online tracking technologies can be used for beneficial purposes, patients and others should not have to sacrifice the privacy of their health information when using a hospital’s website,” says Melanie Fontes Rainer, OCR director. “OCR continues to be concerned about impermissible disclosures of health information to third parties and will use all of its resources to address this issue.” 

The two agencies sent the joint letter to approximately 130 hospital systems and telehealth providers to alert them about the risks and concerns about the use of technologies, such as the Meta/Facebook pixel and Google Analytics, that can track a user’s online activities. These tracking technologies gather identifiable information about users, usually without their knowledge and in ways that are hard for users to avoid, as users interact with a website or mobile app. 

In their letter, both agencies reiterated the risks posed by the unauthorized disclosure of an individual’s personal health information to third parties. For example, the disclosure of such information could reveal sensitive information including health conditions, diagnoses, medications, medical treatments, frequency of visits to health care professionals and where an individual seeks medical treatment. 

HHS highlighted these concerns in a bulletin it issued late last year that reminded entities covered by the Health Insurance Portability and Accountability Act (HIPAA) of their responsibilities to protect health data from unauthorized disclosure under the law. 

Companies not covered by HIPAA still have a responsibility to protect against the unauthorized disclosure of personal health information—even when a third party developed their website or mobile app. Through its recent enforcement actions against BetterHelp, GoodRx and Premom, as well as recent guidance from the FTC’s Office of Technology, the FTC has put companies on notice that they must monitor the flow of health information to third parties that use tracking technologies integrated into websites and apps. The unauthorized disclosure of such information may violate the FTC Act and could constitute a breach of security under the FTC’s Health Breach Notification Rule. 



July 25, 2023


Topic Area: Information Technology , Security


Recent Posts

Griffin Health Improves Patient Safety and Prevents HAIs with Electronic Hand Hygiene System

Case study: The system is used in all patient units, including the emergency department and ambulatory services.


Virginia Hospital Goes into Lockdown Following Admission of Shooting Victim

The hospital followed standard protocol by restricting access to ensure safety.


Ground Broken on Adena Fayette Medical Center

The 65,000-square-foot facility is slated to open in 2027.


University of Mississippi Medical Center Acquires Merit Health Madison

Merit Health Madison will now operate under the name UMMC Madison.


Preventing Slips and Falls in Hospitals

Flooring type, matting and cleaning programs all contribute to safer facilities.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.