Kaiser Permanente may have sent private patient data to Google, Microsoft and X

By John Tozzi | Bloomberg

Oakland-based health plan Kaiser Permanente said its websites and apps may have inappropriately sent members’ private information to tech giants including Alphabet Inc., Microsoft Corp. and the social media company X.

Kaiser plans to inform 13.4 million current and former patients of the breach directly over the next month, according to an emailed statement to Bloomberg News.

The data shared with other companies may have included their names and what people searched for on their computers. A US government website for health-data breaches described the incident as an “unauthorized” disclosure.

Health companies are facing scrutiny over how their websites deploy tracking technology, commonly used by a wide variety of firms to build profiles for advertisers.

A report last year from Feroot Security found 86% of health websites transfer users’ data to other companies without consent. Federal authorities have warned health-care companies about the use of trackers.

It’s the latest in a series of concerning lapses in health-care data security. Health systems were roiled earlier this year after a cyberattack on Change Healthcare, a unit of UnitedHealth Group Inc., brought down its crucial network for health data and payments.

Kaiser Permanente, a nonprofit with members in eight states, apologized for its data breach in the statement. The system said it wasn’t aware of any misuse of the information, which may have gone to Alphabet’s Google, Microsoft’s Bing and X, formerly known as Twitter.

The health system removed the trackers from its websites and mobile apps after a voluntary investigation, the company said. Login credentials, Social Security numbers and financial information were not transmitted to third parties, according to Kaiser.

Read original article here

Denial of responsibility! Todays Chronic is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – todayschronic.com. The content will be deleted within 24 hours.

Leave a Comment Cancel reply