{"subscriber":false,"subscribedOffers":{}} Widespread Third-Party Tracking On Hospital Websites Poses Privacy Risks For Patients And Legal Liability For Hospitals | Health Affairs

Cookies Notification

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more.
×

Research Article

Hospitals

Widespread Third-Party Tracking On Hospital Websites Poses Privacy Risks For Patients And Legal Liability For Hospitals

Affiliations
  1. Ari B. Friedman ([email protected]), University of Pennsylvania, Philadelphia, Pennsylvania.
  2. Raina M. Merchant, University of Pennsylvania.
  3. Amey Maley, University of Pennsylvania.
  4. Karim Farhat, University of Pennsylvania.
  5. Kristen Smith, University of Pennsylvania.
  6. Jackson Felkins, University of Pennsylvania.
  7. Rachel E. Gonzales, University of Pennsylvania.
  8. Lujo Bauer, Carnegie Mellon University, Pittsburgh, Pennsylvania.
  9. Matthew S. McCoy, University of Pennsylvania.
PUBLISHED:No Accesshttps://doi.org/10.1377/hlthaff.2022.01205

Computer code that transfers data to third parties (third-party tracking) is common across the web and is subject to few federal privacy regulations. We determined the presence of potentially privacy-compromising data transfers to third parties on a census of US nonfederal acute care hospital websites, and we used descriptive statistics and regression analyses to determine the hospital characteristics associated with a greater number of third-party data transfers. We found that third-party tracking is present on 98.6 percent of hospital websites, including transfers to large technology companies, social media companies, advertising firms, and data brokers. Hospitals in health systems, hospitals with a medical school affiliation, and hospitals serving more urban patient populations all exposed visitors to higher levels of tracking in adjusted analyses. By including third-party tracking code on their websites, hospitals are facilitating the profiling of their patients by third parties. These practices can lead to dignitary harms, which occur when third parties gain access to sensitive health information that a person would not wish to share. These practices may also lead to increased health-related advertising that targets patients, as well as to legal liability for hospitals.

TOPICS
Loading Comments...