Industry News Project News Regulations, Codes, & Standards
Architecture Interior Design Construction Energy Efficiency Sustainable Operations Environmental Services Information Technology Maintenance & Operations
Safety Energy & Power Food Service Infection Control HVAC Groundskeeping Security
Member Reports Products
Email Management Contact Advertising Policies & Copyright Site Map Our Content on Your Site Contributing to Our Site Media Resources



UCLA Health Alerts Patients of Compromised Data

An analytics tool may have captured and transmitted health data to the third-party service providers.

By HFT Staff
February 3, 2023

UCLA Health has been alerted of an issue relating to the use of analytics tools on the its website and mobile app. Specifically, UCLA Health’s analytics tools on an appointment request form completed on the UCLA Health website or the UCLA Health mobile app (“Appointment Request Form”) may have captured and transmitted to our third-party service providers certain limited information from the Appointment Request Form. 

UCLA Health began using analytics tools from third-party service providers in April 2020. The analytics tools allow organizations to review website and app activity in the aggregate to develop more effective and efficient communication. Upon learning of concerns relating to this tool, the healthcare system disabled the functions in June 2022. Additionally, UCLA Health initiated a review, supported by a third-party forensic firm, to complete a comprehensive analysis of the use of these analytics tools on its website and mobile apps, evaluate what data these analytics tools collected, and determine to whom the data belonged. 

UCLA Health is providing notice to individuals whose data may have been captured on an Appointment Request Form. On January 13, 2023, UCLA mailed notices to those for whom it had addresses. For these individuals, the analytics tools may have captured the following information:  

  • URL/website address (which could include provider name, specialty, or ad campaign name) 
  • page view  
  • IP address 
  • third-party cookies 
  • Hashed values of certain fields on an Appointment Request Form. The hashed value form fields may have included first and last name, email address, mailing address, phone number, and gender. 

The analytics tools never captured Social Security numbers, financial account numbers, or debit/credit card information. Moreover, Appointment Request Forms that were impacted were only present on the UCLA Health website and the UCLA Health mobile app. UCLA Health did not place these analytics tools within myUCLAhealth, the online patient portal. 




See the latest posts on our homepage Share

Topic Area: Information Technology , Safety , Security

Recent Posts
Recent Posts

A Potential Alternative to the Certified Healthcare Facility Manager Program


Kentucky Community & Technical College offers a similar educational foundation on healthcare facilities.

3/28/2023

Florida Officials Question HCA Healthcare After Report Goes Viral


Sen. Marco Rubio and Rep. Gus Bilirakis have requested more information from HCA Healthcare.

3/28/2023

Atlantic General Hospital Experiences Privacy Incident


AGH discovered encrypted files in its systems in late January.

3/28/2023

Medical Office Building is Nation's First Net-Zero Healthcare Facility


Achieving net-zero building status required a two-part design combining energy efficiency and on-site renewable energy.

3/27/2023

Health Systems Turn to Artificial Intelligence to Ease Workforce Shortages


Almost half of executives in this survey report using AI solutions for their workforce.

3/27/2023





FREE
NEWSLETTER

News & Updates • Webcast Alerts • Building Technologies

All fields are required.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Job Board
Post Jobs
Are You Hiring? Post Jobs

You Might Like