Federal judge strikes down HHS ban on tracking cookies
A U.S. Department of Health and Human Services (HHS) rule designed to rein in the use of cookies and third-party web trackers on the websites of HIPAA-covered entities has been derailed by a federal court.
A group of providers and hospitals, backed by the American Hospital Association and other professional associations, opposed the rule, arguing the HHS overstepped its regulatory authority. A Texas Federal Court ultimately agreed, striking down the guidance until it’s appealed to a higher court.
The rule was put in place to stop personal health information and patient details from being shared with large advertisers, namely Google, Meta and Microsoft. However, providers argued it was too constraining, and that the data it gathered also helped them to improve their services. For now, providers can continue using these tracking technologies, which allow tech companies to serve up targeted ads. Information shared with advertisers often includes more than an IP address and name, with details on medical conditions and diagnoses also being distributed.
Trackers very common
This year alone, tracking cookies have been the source of multiple lawsuits. In April, Atrium Health in North Carolina was sued by two plaintiffs who claimed they received unsolicited emails and personalized ads as a result of the health system’s website containing trackers.
In May, a very similar lawsuit was brought against Florida provider network Palm Beach Health after their website was found to be using Meta’s Pixel application.
Tracking cookies also caused a major data leak. In April, Kaiser Permanente reported that it was responsible for exposing personal data from 13.4 million members to third-party advertisers, namely Microsoft, Meta and Google as a result of background trackers on its website.
Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.