Your Health Information Privacy Online at Serious Risk

Telemedicine or eHealth

Author: University of Pennsylvania Annenberg School for Communication - Contact: Joseph J. Diorio - jdiorio@asc.upenn.edu
Published: 2015/03/01
Contents: Summary - Introduction - Main - Related

Synopsis: There is a significant risk to your privacy whenever you visit a health-related web page.

Introduction

An analysis of over 80,000 such web pages shows that nine out of ten visits result in personal health information being leaked to third parties, including online advertisers and data brokers.

Main Digest

This puts users are risk for two significant reasons:

For individuals, this means profiles are built based on web page visits, potentially resulting in someone being labeled a commercial risk due to the fact that they have used a site like WebMD.com or CDC.gov to look up health information for themselves, a family member, or a friend. Given that data brokers are free to sell any information they collect regarding visits to health websites, those visiting such sites are potentially at risk of being discriminated against by potential employers, retailers, or anybody else with the money to buy the data.

These findings are reported in the article "Privacy Implications of Health Information Seeking on the Web," appearing in the March 2015 issue of Communication of the ACM.

Timothy Libert, a doctoral student at the University of Pennsylvania's Annenberg School for Communication wrote the article. He authored a software tool that investigates Hypertext Transfer Protocol (http) requests initiated to third party advertisers and data brokers.

He found that 91 percent of health-related web pages initiate http requests to third-parties. Seventy percent of these requests include information about specific symptoms, treatment, or diseases (AIDS, Cancer, etc.). The vast majority of these requests go to a handful of online advertisers: Google collects user information from 78 percent of pages, comScore 38 percent, and Facebook 31 percent. Two data brokers, Experian and Acxiom, were also found on thousands of pages.

"Google offers a number of services which collect detailed personal information such as a user's persona email (Gmail), work email (Apps for Business), and physical location (Google Maps)," Libert writes. "For those who use Google's social media offering, Google+, a real name is forcefully encouraged. By combining the many types of information held by Google services, it would be fairly trivial for the company to match real identities to "anonymous" web browsing data." Indeed, in 2014, the The Office of the Privacy Commissioner of Canada found Google to be violating privacy Canadian laws.

"Advertisers promise their methods are wholly anonymous and therefore benign," Libert writes. "Yet identification is now always required for discriminatory behavior to occur." He cites a 2013 study where individuals' names were associated with web searches of a criminal record, simply based on whether someone had a "black name."

"Personal health information - historically protected by the Hippocratic Oath - has suddenly become the property of private corporations who may sell it to the highest bidder or accidentally misuse it to discriminate against the ill," Libert said. "As health information seeking has moved online, the privacy of a doctor's office has been traded in for the silent intrusion of behavioral tracking."

Online privacy has for some time been a concern.

Studies conducted by Annenberg dating back to 1999 indicate wariness among Americans about how their personal information may be used. And slightly more than one in every three Americans even knows that private third-parties can track their visits to health-related websites.

Libert points out that the Federal Health Insurance Portability and Accountability Act (HIPPA) is not meant to police business practices by third party commercial entities or data brokers. The field of regulation is widely nonexistent in the U.S., meaning that individuals looking up health information online are left exposed and vulnerable.

According to Libert, "Proving privacy harms is always a difficult task. However, this study demonstrates that data on online health information seeking is being collected by entities not subject to regulation oversight. This information can be inadvertently misused, sold, or even stolen. Clearly there is a need for discussion with respect to legislation, policies, and oversight to address health privacy in the age of the internet".

Related Publications

Share This Information To:
𝕏.com Facebook Reddit

Page Information, Citing and Disclaimer

Disabled World is an independent disability community founded in 2004 to provide news and information to people with disabilities, seniors, their family and carers. We'd love for you to follow and connect with us on social media!

Cite This Page (APA): University of Pennsylvania Annenberg School for Communication. (2015, March 1). Your Health Information Privacy Online at Serious Risk. Disabled World. Retrieved July 12, 2024 from www.disabled-world.com/medical/ehealth/health-privacy.php

Permalink: <a href="https://www.disabled-world.com/medical/ehealth/health-privacy.php">Your Health Information Privacy Online at Serious Risk</a>: There is a significant risk to your privacy whenever you visit a health-related web page.

Disabled World provides general information only. Materials presented are never meant to substitute for qualified medical care. Any 3rd party offering or advertising does not constitute an endorsement.