For a species so smart, human beings boast a pretty dismal record at not making mistakes. This has already been proven quite a few times throughout our history, with each testimony practically forcing us to look for a defensive cover. We will, on our part, find the stated cover once we bring dedicated regulatory bodies into the fold. Having a well-defined authority across each and every area was a game-changer, as it instantly gave us a safety cushion against our many shortcomings. By doing so, the move did usher us towards a reality that was much better in every conceivable sense, but unfortunately enough, the utopia to emerge here didn’t stick around for very long. Talk about what caused this sudden death; it was all technology’s fault. You see, the moment technology got its layered nature to take over the scene, it allowed every individual an unprecedented chance to exploit others for their own benefit. In case this didn’t sound bad enough, the whole runner soon began to materialize on such a massive scale that it expectantly overwhelmed our governing forces and sent them back to square one. After a lengthy spell in the wilderness, though, it finally seems like the regulatory contingent is finally ready to make a comeback. The same has only turned more and more evident over the recent past, and truth be told, a new lawsuit should do a lot to make that shift much grander moving forward.
A patient has officially filed a class-action against Advocate Aurora Health in relation to a data breach that affected more than 3 million patients. According to the complaint, the company’s proprietary platform, which facilitates doctor-patient communication and schedules appointments, used a pixelated code that would actually share the patient’s data with Facebook. Now, while Advocate has since confirmed the breach and disabled the pixel system, Alistair Stewart, the patient who filed the lawsuit, alleges that the company violated HIPAA by not taking any concrete action despite being fully aware of how inadequate was the protection on its platform. Talk about what data was compromised in the breach, the information included the type of appointment or procedure a patient had, communications between patients and physicians that took place on MyChart, medical record numbers, details regarding a patient’s insurance status, and more.
“At all relevant times, Advocate and Facebook knew that the Meta Pixel intercepted and disclosed personally identifiable patient information and PHI,” Stewart said in the complaint. “This was evidenced from, among other things, the functionality of the Pixel, including that it enabled Advocate’s LiveWell portal to show targeted advertising to its digital subscribers based on the products those digital subscribers had previously viewed on the website, including certain medical tests or procedures, for which Advocate received financial remuneration.”
Data breaches within the healthcare industry have been growing exponentially for a while now. Surely, Advocate’s data breach was by far the largest in terms of the number of patients affected in the past month, but there seem to be many other organizations that are currently going up against the stated issue. For instance, WakeMed Health of North Carolina recently suffered a breach, which affected more than 500,000 people, whereas Keystone Health in Pennsylvania also confirmed a digital infiltration that compromised the information of over 235,000 accounts. Nevertheless, it will be interesting to see whether the new lawsuit is able to shake things up for the better.
Pic credit: JOHN MARTIN-EATINGER