UCLA Health Data Privacy Investigation
The Lyon Firm is investigating UCLA Health for alleged privacy violations on behalf of plaintiffs in California and nationwide. Contact the firm for a free and confidential consultation.
The HHS has reported that 94,000 individuals may have had their personal data impacted in a UCLA Health privacy breach. Privacy attorneys around the country have recently filed class action lawsuits against large healthcare networks involving hospital data violations linked to Facebook/Meta.
According to a notice on the UCLA Health website, the company uses analytical tools to collect information from patients’ activity on their site, as well as from third parties, such as ad networks or analytics services that interact with the site. Who these third parties are is not clear.
Facebook’s parent company Meta and several large hospital networks like UCLA have allegedly violated medical privacy laws with a tracking tool that sends health information directly to Meta.
Under HIPAA protections, any healthcare data transfer should require consent from patients. Lawyers allege there is no evidence that consent had been obtained from patients in some other notable hospital data privacy Meta Pixel complaints.
If you or a loved one has questions about your privacy rights and data security at UCLA Health, contact us for a case review.
Can UCLA Health Legally Collect Data?
The data collected by websites may include your IP address, digital identifiers, information about your web browsing activity, and how you interact with the site.
There are several newer laws that attempt to protect consumers from large-scale data violations. Notably, the California Consumer Privacy Act (CCPA) gives California residents the right to the following:
- Knowing how their personal information is used
- Ability to access, request, and receive any personal information that has been collected in a portable manner
- Ability to request that any entity delete their personal information
- Ability to opt-out of their personal information being sold or shared
What is the Meta Pixel Tool?
Meta’s data trackers are embedded in many of the websites we all use. The Meta Pixel tool is a piece of JavaScript code that websites can use to track the movement of users across a site. The Meta Pixel tool records information liked user IP addresses and the actions of users.
On a hospital website, for example, Meta Pixel can record appointment information and any information selected from menus. The collected information and tracking data is then sent to Meta to be processed, stored, and used for targeted advertising.
Data Privacy lawsuits have been filed against Meta for allegedly collecting patient data from healthcare websites, violating the privacy of millions of patients.
Are there Hospital Data Privacy Laws?
Yes, under the HIPAA, any hospital data transfer should require consent from patients. Lawyers allege there is no evidence that consent had been obtained from patients in some prior hospital data privacy Meta Pixel complaints.
Meta (Facebook) is not hemmed in by HIPAA, but the hospitals and health systems that use Meta Pixel on their websites have been named as defendants in class actions.
The terms and conditions of Meta state that if sensitive data is transferred using Meta Pixel, the company will prevent that data from being used to serve targeted ads, but it is unclear if that has rung true.
Meta Pixel Hospital Data Class Action Lawsuits
Data Privacy lawsuits have been filed against Meta for allegedly collecting patient data from hospital websites through the Meta Pixel tool, violating the privacy of millions of patients.
The lawsuits allege Meta has violated California’s Unfair Competition Law and the Invasion of Privacy Act. The complaint reads: “Despite knowingly receiving health-related information from medical providers, Facebook has not taken any action to enforce or validate its requirement that medical providers obtain adequate consent from patients before providing patient data to Facebook.”
