In order to protect PHI, you have to know where it is stored and how it comes in, goes out and moves around your organization. This includes marketing analytic tools used on websites and patient portals. They could be transmitting PHI to social media platforms. Very unnerving, right?
In this episode:
Amazon, Facebook, and PHI oh my! – Ep 369
Today’s Episode is brought to you by:
Kardon
and
HIPAA for MSPs with Security First IT
Subscribe on Apple Podcast. Share us on Social Media. Rate us wherever you find the opportunity.
Great idea! Share Help Me With HIPAA with one person this week!
Learn about offerings from the Kardon Club
and HIPAA for MSPs!
Thanks to our donors. We appreciate your support!
If you would like to donate to the cause you can do that at HelpMeWithHIPAA.com
Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA
If you see a couple of numbers on the left side you can click that and go directly to that part of the audio. Get the best of both worlds from the show notes to the audio and back!
Amazon, Facebook, and PHI?
[03:51] Two recent news articles make us think carefully about where all of our PHI could be going right now and in the future.Facebook Is Receiving Sensitive Medical Information from Hospital Websites – The Markup
The Markup scanned the websites of just over 100 hospitals. 33 of them were identified as sending patient appointment details to Facebook using the Meta Pixel tracking tool.
[15:15] Here are a few examples they shared of what they found:Hospitals that responded to questions by The Markup team were standard for the most part. But, many did not respond at all. Overall it seems that none of them understood the risk. Some said they would remove the code in their sites that used the Meta Pixel tool until they could do further evaluation. And, of course, some are taking no responsibility for the risk it poses.
[23:22] The Markup team provided excerpts from the hospital response:COMBINED hospital comments – DocumentCloud
Here are some examples from the excerpts:
Community Health Network
Froedtert Hospital
Novant Health
Northwestern Memorial Hospital
Amazon Healthcare Acquisition
[28:52] Another recent news story states Amazon has stepped into the healthcare market by acquiring One Medical. One Medical has more than 8,000 employer clients, 188 in-person locations and provides virtual telehealth services.Amazon’s Acquisition of One Medical Sparks Health Data Privacy, Security Concerns
Depending on what direction Amazon will go with healthcare services from this acquisition, HIPAA may or may not apply. If they move towards concierge care, which doesn’t take insurance, then HIPAA doesn’t apply. This means they don’t have to keep patients’ information private.
Accessing medical information online and using patient portals to view your own health information is very convenient these days. But are they truly secure and keeping your data private? There are ways to block Meta Pixels and browsers that will block cookies and other tracking tools. So look into those if you want to take action on your own to protect your private data. You can’t always count on your providers to protect it for you.
Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word. As always, send in your questions and ideas!
HIPAA is not about compliance,
it’s about patient care.TM
Special thanks to our sponsors Security First IT and Kardon.