A lawsuit against U of L Health claims that it shared patients’ private health information with Facebook, violating federal privacy laws.
Courier Journal reports that the lawsuit, filed in Jefferson Circuit Court, alleges that information automatically sent to Facebook (now known as Meta) by computer code known as the Meta Pixel embedded in the U of L Health website includes prescription drug histories and diagnoses.
According to the lawsuit, U of L Health, which is associated with the University of Louisville in Kentucky, added the Meta Pixel to its patient portal and website so that the company could profit from the data it gathers and use that data to target patients with advertisements. According to the complaint, the U.S. Department of Health and Human Services warned that the practice might violate HIPAA, the federal law governing patient privacy, in a bulletin released in December 2022.
The lawsuit, which was filed on behalf of Rhonda Blandford of Louisville, asserts that U of L Health’s claim that it sends Facebook only anonymous and aggregate data conflicts with the stated goal of Meta Pixel, which is “to collect individuals’ information for ad targeting purposes.”
In response to the lawsuit, U of L Health spokesman David McArthur stated that the facility does not comment on ongoing legal matters, but he added that Meta Pixel is unable to access personal health information on their website.
The lawsuit claims that the University of Louisiana’s online privacy policy states, among other things, that it does not disclose any personal information to outside parties. But it also says: “We may work with third-party service providers who may place cookies, web beacons or similar technologies on your computer…to collect anonymous information about the use of our website.”
The lawsuit makes allegations of invasion of privacy, breach of contract, unjust enrichment, and violation of the Kentucky Consumer Protection Act. According to the lawsuit, there are so many potential claimants who share the same injuries that the court should certify the case as a class action.
U of L Health’s use of the Meta Pixel is not an isolated incident. The Meta Pixel was found to be embedded on the websites of 33 of the top 100 hospitals in the country, according to a report published by tech publication the Markup in June of last year. Johns Hopkins University, Duke University, and New York Presbyterian Hospital were among them. According to the story, when a user connects to the hospital website by clicking a button to book a doctor’s appointment, personal data is sent to Meta.
Read more at Courier Journal here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan