Any healthcare organization that embeds tracking technologies in its website should carefully review whether it is inadvertently violating HIPAA or other federal regulations, said Nick Heesters, senior adviser for cybersecurity at the Department of Health and Human Services’ Office for Civil Rights.
Over the last few months and weeks, HHS OCR and the Federal Trade Commission have warned healthcare firms – whether covered by HIPAA or not – of potential privacy violations caused by web trackers that send sensitive health data to third parties such as social media and marketing firms.