The Federal Trade Commission (FTC) and the US Department of Health and Human Services Office for Civil Rights (OCR) have issued a joint warning to nearly 130 hospitals and health-app developers regarding the potential privacy risks of online tracking technologies. The two agencies have expressed concern over technologies such as Meta Pixel and Google Analytics, which are capable of gathering personally identifiable information from users interacting with healthcare websites or mobile apps. The data collection process is often covert, leaving users unaware and powerless to stop it.
According to the joint letter, the unauthorized disclosure of an individual's personal health information can lead to a wide range of problems, from identity theft to financial loss, and even severe emotional distress. Such disclosures can also reveal sensitive information like health conditions, medications, frequency of visits to healthcare professionals, and treatment locations. The letter aims to enlighten healthcare providers and app developers about these privacy implications, urging them to adopt better data protection practices and handle users' personal information responsibly and transparently.
The FTC and OCR emphasize that the disclosure of such information could infringe upon the Health Insurance Portability and Accountability Act and the FTC Act. By highlighting these potential pitfalls, the agencies hope to foster an environment of greater accountability and regulation within the healthcare app sector, ultimately safeguarding user privacy.