Eisenhower Medical Center (known as Eisenhower Health now) is a nonprofit teaching hospital in Rancho Mirage, CA. It made a decision to resolve a litigation involving impermissible sensitive patient information disclosure to third parties as a result of installing tracking codes on its website.
Like numerous hospitals, Eisenhower Medical Center installed Meta Pixel and other tracking codes on its web pages to know how visitors use its website. These tracking tools gather details about website visitors and how they browse the website, and usually send that data to the tool’s provider, such as Google and Meta (Facebook).
Eisenhower Medical Center faced a lawsuit filed in the United States District Court for the Central District of California. The B.K., et al. v. Eisenhower Medical Center lawsuit alleged that the healthcare provider urged people to use different digital tools through its website to get information from users, increase its profit on advertising, and boost its income. Allegedly, Eisenhower Medical Center knew that information was being disclosed to third parties, but did not get permission from users to disclose their sensitive information.
Based on the lawsuit, the data transmitted to Meta and others contained private health data like health conditions, treatments, companies, and consultations, depending on the individual’s activities on the site. The lawsuit stated 14 causes of action such as breach of implied contract, negligence, unjust enrichment, breach of fiduciary duty, violation of privacy as per the California constitution, and violations of the Electronic Communications Privacy Act, California Consumers Legal Remedies Act, California Confidentiality of Medical Information Act, California Unfair Competition Law, and California Invasion of Privacy Act.
Eisenhower Medical Center rejected and consistently refuted all accusations and claims in the lawsuit and states it did no wrong. Nevertheless, it opted to resolve the lawsuit to prevent additional litigation expenses and the uncertain results of a trial.
Based on the terms of settlement, Eisenhower Medical Center will create a $875,000 settlement fund from which class members will be paid their cash compensation. From the settlement fund, other expenses such as attorneys’ fees (not to go over $288,750), class representative awards ($2,500 each for the two identified plaintiffs), up to $20,000 in litigation expenses, and settlement administration expenditures will be paid. What is left of the funds will be split pro rata among all people who file a claim. The impermissible disclosure of data affected class members who registered on the EMC MyChart patient portal and/or booked a lab appointment and/or sent an online form via the EMC website from January 1, 2019 to May 3, 2023.
Eisenhower Medical Center has likewise decided to remove Meta Pixel and other tracking codes on its webpages for two years. If it decides to reuse tracking tools again, there will be a disclosure about using the tools. Eisenhower Medical Center likewise consented to have a recently created Web Governance Committee to evaluate the usage of analytics code and website tracking tools to make sure they are compliant with HIPAA and all pertinent laws.
Image credit: AlexPhotoStock, AdobeStock / logo©EisenhowerHealth
