A new study shows how websites and apps gather people’s sensitive health-related information, sometimes without consent, and channel it to the social media giant to generate business.
Digital health companiesA new report by the Light Collective shows that Facebook uses sensitive information patients share with it for targeting ads. In some cases this sharing is running afoul of the companies’ own privacy policies and raising concerns about HIPAA violations.
This peer-reviewed study was published on Monday The patterns, a data science journal, examines the way data from individuals’ health-related activity online is tracked across websites or platforms and then used for advertising purposes on Facebook. Researchers examined the activities of 10 people who were active in an online community for cancer. They had previously used five companies’ digital tools: Color Genomics (Myriad Genetics), Invitae Health Union, Invitae and Health Union, as well as Invitae Health Union. The researchers found that these companies used third-party advertising trackers to monitor patients’ online activities and market to them. Three companies violated their privacy policies.
After disclosing their findings, the authors stated that only Ciitizen (and Invitae) responded. They said they were investigating privacy concerns with tracking tools. All five companies did not respond to our requests for comment. SMEThe publication date was at the time. Meta, Facebook’s parent company didn’t immediately reply to a request of comment.
“Health privacy is a basic requirement in digital medicine for reducing the abuse of power and supporting patient autonomy.”
Andrea Downing, cofounder of the Light Collective, which is focused on privacy issues in the online world, said “data gathering and predictive algorithms that are used for advertising and other purposes are one of the biggest threats to online patient communities.” It puts them at greater risk of discrimination and online scams, the authors wrote, adding that tracking software can make cancer-patient populations in particular more vulnerable to medical misinformation and privacy breaches.
The study’s small size is indicative of wider data-sharing trends within digital health and social networks. A study published in the summer of this year by The MarkupFor instance, it was revealed by, that hospitals use Facebook trackers for sensitive patient information to be shared with Facebook marketing purposes. It is possible this violates the Health Insurance Portability and Accountability Act (or HIPAA).
Users are often left confused by the privacy policies of these apps, which can be lengthy and ambiguous. Some platforms also engage in risky data practices without individuals’ consent. The new research, co-authored by Eric Perakslis, executive director at Duke’s Center for Biomedical Informatics, is intended to raise awareness around both.
“Health privacy is a basic requirement in digital medicine for reducing the abuse of power and supporting patient autonomy,” the authors write.
“While the digital medicine ecosystem relies on social media to recruit and build their businesses” through ads and marketing, they add, “these practices sometimes contradict their own stated privacy policies and promises to users.”