Meta Faces Lawsuit For Collecting Private Medical Info

thegamer.com:

A class-action lawsuit is brewing between Meta and several hospital patients that accuse the tech giant of violating HIPAA. According to two lawsuits, one filed in June, one filed in July, and both in the state of California, Meta’s ad tools illegally collected private patient information in order to provide targeted ads on Facebook and Instagram.

Both complaints center on Meta Pixel, a tracking tool that installs on websites to provide data analytics for Facebook and Instagram ads. The tool collects info on how users interact with sites, recording where they click and what info is input by the user. That information is then used to provide the user with targeted advertisements.

Related: Meta Quest 2’s Price Hike Is The Most Anti-Consumer Decision I've Seen In Years

As reported by The Verge, an investigation by The Markup in June found that 33 of the top 100 hospitals in the USA use Meta Pixel. On seven of those hospitals, Meta Pixel was installed on password-protected patient sites. These sites contain private patient information on health conditions, appointment schedules, medications, and medical allergies.

This information is protected under Health Insurance Portability and Accountability Act (HIPAA), which requires patient consent for information to be sent outside the medical practice. Both lawsuits noted that patients started receiving ads for their medical conditions, suggesting Pixel gathered this data and sent it to Meta--a violation of HIPAA.

The lawsuits allege Meta Pixel was installed on patient portals with the knowledge the private patient information would be collected and sent outside the hospitals’ network. The suits also allege Facebook is not filtering sensitive health data on its end either. The