The Attorney General will investigate hospitals that sent patient data to Meta
The Attorney General will investigate hospitals that sent patient data to Facebook’s parent company, Meta.
A spokesperson for the attorney general said in a statement, “Our office is extremely concerned about the reports on Facebook’s access to medical information and the disclosure of people’s information. We are actively investigating this matter.”
This comes as two state representatives called on the attorney general’s office to formally investigate the hospitals.
Reps. Brian Farkas and Donny Lambeth asked the attorney general to investigate whether hospitals violated consumer protection or privacy laws, and to recommend legal changes that would protect patients from privacy breaches in the future.
“To be frank, the ability for patients in North Carolina to partake in our health care system, which often obligates the use of modern technology, should not come at the cost of privacy,” the letter read.
An investigation would hold the health systems accountable and signal the importance of patient privacy to other providers, the representatives wrote.
Cody Hand, an official at the North Carolina Healthcare Association, which represents state hospitals, said his organizations looks forward to working with Attorney General Josh Stein to make sure patient data is secure.
“While we understand that there is a need to ensure that data has been protected, we are sure that the Attorney General will find all protections have been in place,” he said.
Last week, an investigation by the Markup and STAT found that four of North Carolina’s largest health care systems sent sensitive health information to Facebook.
The providers used a digital tracker called Meta Pixel in their patient portals or appointment scheduling websites, which could have sent Facebook information about patients’ health conditions, allergies and, in the case of Novant Health, sexual orientations.
That data was sent along to the advertising giant along with an IP address, which could be used to trace the health data back to a specific individual or household.
The health care providers implicated in the article — Duke University Hospital, Atrium Health Carolinas Medical Center, WakeMed and Novant Health — recorded more than 4 million admissions and outpatient appointments in 2020, according to data from the American Hospital Association.
Spokespeople for Novant Health, Duke Health and WakeMed said Meta Pixel was removed after concerns were brought to their attention.
This is a breaking news story and will be updated.
This story was originally published June 23, 2022 at 2:33 PM.
