A recent study published in the Cell Press Journal has detailed how health information applications are sending health information to Facebook and other social media sites. The researchers selected health information applications that were regularly used by patients that frequented social media sites like Facebook to find information regarding their medical condition.
The study consisted of five digital medicine corporations and examined the 32 distinct cross-site-tracking middleware forms that tracked users across the internet using cookies and disclosed their browsing information with Facebook with the intention of advertising and lead generation. The researchers concentrated their attention on business that provided services to social media users who were prominent patient advocates in the cancer care community. The emphasis was placed on the cancer community since it was thought that these individuals were more susceptible to cross-site monitoring middleware privacy breaches, medical misinformation, and internet scams.
Numerous consumer health applications, such as personal fitness applications and fertility trackers, collect sensitive health information. Under the terms and agreements of the applications, the information gathered from its user may be sold to third parties such as data brokers and advertisers for the purpose of serving targeted advertisements. Concerns have been raised over the disclosure of PHI by healthcare organizations through Facebook’s Meta Pixel Javascript, which has been the cause of multiple class action lawsuits.
According to the study, a cancer patient will typically sign up to use a digital medicine application and will agree to the terms and conditions. The patient either already has a Facebook account or sets one up separately. Without the user’s permission, vendors place third-party monitoring code on websites that disclose off-Facebook behavior. Facebook’s ad interests algorithms are updated using the vendor’s off-Facebook activities. Then, depending on the users’ preferences in health, Facebook’s algorithms promote health-related adverts.
Despite having detailed policies in place, 3 of the 5 applications said that health information would not be disclosed to advertisers. In some instances, users were tracked and their data was given without their knowledge or authorization, and they were informed that Facebook or other parties wouldn’t get information about their health. Meta has maintained that they remove all health information from their systems to prevent advertisement access, however, the filter has been found to not detect all health information.
The researchers contend that tracking users and disclosing their information to Facebook may be in violation of federal and commercial laws, including the FTC’s Health Data Breach Notification Rule and potentially HIPAA.
These marketing tools reveal a dark pattern used to track vulnerable patient journeys across platforms as they browse online, in some ways unclear to the companies and patient populations who are engaging through Facebook,” concluded the researchers.“While the digital medicine ecosystem relies on social media to recruit and build their businesses through advertising-related marketing channels, these practices sometimes contradict their own stated privacy policies and promises to users.”