A class action complaint was recently filed against Cedars-Sinai Health System and subsidiary Cedars-Sinai Medical Center alleging that both transmit to numerous third parties the personal data of Cedars-Sinai.org visitors without a users consent.

Website And Mobile App Contain Third Party Tracking Tools

The lawsuit claims that the prominent Los Angeles based healthcare organization—which sees more than a million patients a year—has embedded into its website and  mobile app coded tracking tools that are “designed to facilitate eavesdropping” by third parties.

These tracking tools act as “real time wiretaps,” that transmit patients’ private information and website interactions to third parties, including Meta (Facebook), Google, Microsoft’s Bing, BroadcastMed and Marketo.

According to the complaint, the tracking code on Cedars-Sinai.org has allowed the third parties with whom patients’ data is shared to “target them with advertising by yet other, unrelated businesses.” In other words, the third parties who receive the data do not treat it as confidential  but instead as a commodity to sell for profit.

Consumers Gain No Benefit From Tracking Tools And Instead Become Advertisers  Targets

The case alleges that although consumers reasonably believe Cedars-Sinai would appropriately keep their online communications private, the hospital has instead taken “the opposite course.”

“Cedars-Sinai’s goal in installing the tracking code was not to provide any benefit to its patients but only to itself,” the case charges. “Cedars-Sinai installed the tracking code to obtain insight about how its patients and potential patients use its website.”

The lawsuit argues that by making use of tracking pixels, which can record every interaction a visitor makes on a website, Cedars-Sinai has unlawfully shared its patients’ private data with multiple unauthorized third parties without consent.

Its All About Advertising

Per the case, Cedars-Sinai.org purportedly utilizes a Meta pixel—otherwise known as a Facebook tracking pixel—and Google Analytics code, which are both used to track online visitors’ interactions and collect personal data that allows third parties to link web activity to specific users.

The defendants’ website also uses a Microsoft tracking tool called bat.bing that, purportedly shares patient communications with healthcare media company BroadcastMed and automated marketing group Marketo, the complaint alleges.

In July 2022, Cedars-Sinai purportedly removed the Meta pixel from its website, but the filing charges that “the harm has already been done.”

Patients who shared their personal and sensitive information with the defendants via Cedars-Sinai.org did so under the assumption that the healthcare organization would properly maintain their privacy, the suit alleges..

The lawsuit looks to represent anyone residing in California who accessed Cedars-Sinai.org at any time when tracking codes capable of transmitting data for marketing or website analytics purposes were present on the website.

Case Status: Open – Not Accepting New Clients

Tags: Data Privacy   Facebook Pixel   Meta   personal health information   Personal Identifying Information   wiretapping