Meta, Marketing and Online Healthcare: A Deadly Combination (for Data Privacy)

Guess who is being chased again!

This summer, Meta faces new criticism for how it manages, and often violates, online privacy. Meta, the parent company of Facebook, Instagram and many others, is facing a class action lawsuit in the Northern District of California over its collection of personal data through its webpage marketing integrations. As reported in the HIPAA Journal reported August 1, 2022:

The lawsuit was filed in the Northern District of California on behalf of plaintiff, Jane Doe. The lawsuit alleges that Meta and its companies, including Facebook, collected sensitive health data from millions of patients without obtaining their express consent and used that information to serve individuals with targeted advertisements.

Those who don’t know client side risk (whether it concerns data privacy or security) may be shocked to learn how common this type of practice is, despite it being a hallmark of risk present in almost all web pages of the World Wide Web.

Meta’s marketing technologies include a service known as Meta Pixel. This technology is a very useful tool for people who run customer-facing websites because it allows them to take advantage of the advertising and user tracking capabilities provided by the advanced and hugely popular network advertising platform. social media developed by Meta over the past decades.

While this tool grants powerful tools to website administrators, it simultaneously exposes vast swathes of user information to the Meta company. The Meta Pixel collects information such as a visitor’s IP address, geolocation, buttons clicked, form fields interacted with, and more.

The class action alleges that ads like these are related to Meta’s collection of personal data on healthcare websites. Source: HIPAA Review, August 2022.

You are more likely to get sick at the doctor Desk website than anywhere else

In any context, it is a highly invasive technology that poses a potential material risk to a wide variety of organizations. When installed on websites subject to regulatory concerns, such as HIPAA, CCPA, GDPR, PCI DSS, among others, it becomes a serious liability for the companies that run those websites.

We have seen similar lawsuits in finance and other industries, such as the ongoing action against Ally Bank accused of exposing visitor data to marketing partners by installing technologies like the Meta Pixel in their web application. Regulatory pressure has also increased for online retailers, the new PCI DSS v4.0 compliance framework requires measures to specifically address client-side risks.

Health websites are particularly exposed to this type of risk. The average healthcare website, whether it is an insurer, healthcare provider, health network or online practice, often deals with a unique combination of information about healthcare, payment information and marketing data, creating a complex intersection of regulatory and compliance issues. This high-risk environment is often compounded by the proliferation of apps, websites, integrations, and organizational units involved. These factors all combine to create a data privacy and security nightmare.

A prescription for good data hygiene

Source Defense has been at the forefront of eliminating client-side risks like this for nearly a decade. Our data privacy compliance and client-side security platform blocks hundreds of thousands of invasive actions performed by Meta Pixel and similar technologies every day, while ensuring that the tools perform their essential business functions. By isolating the code and managing the code, such as the Meta Pixel, inside the web page itself.

Source Defense ensures that sensitive information is never even exposed, let alone collected. We currently protect over $20 billion in revenue and thwart 2 billion compliance policy violations per quarter. We understand how to address this issue with an easy-to-manage solution that meets enterprise-wide needs and adds no additional strain to already overstretched security teams.

If you’re curious about how Source Defense can help you secure your visitors’ private information and eliminate the compliance risk associated with running a public website, request a risk report to learn more about your organization’s current client-side risk and what you can do to address it.

The post office Meta, Marketing and Online Healthcare: A Deadly Combination (for Data Privacy) appeared first on Defense of sources.

*** This is a syndicated blog from the Security Bloggers Network of Blog – Source Defense Written by [email protected]. Read the original post at:

Comments are closed.