Meta is being sued for giving US hospitals a data-tracking tool that allegedly ended up disclosing patient information to Facebook

A new lawsuit alleges that Meta has access to the private medical data of millions of people without permission and has used it to serve targeted medicine and treatment ads on Facebook.

The suit, which was filed last week in the Northern District of California, is the second such lawsuit that accuses US hospitals of providing Meta with sensitive patient information and violating HIPAA. The Verge originally reported on the suit earlier Tuesday.

The complaint says that these hospitals used Meta’s Pixel tool, which then accessed patients’ password-protected portals and shared sensitive health information that Meta then sold to Facebook advertisers.

Meta Pixel is a tool that allows businesses to measure and build audiences for ad campaigns.

In June, an investigation by nonprofit newsroom The Markup found that 33 of the top 100 hospitals in America use the Meta Pixel.

The complaint details the experience of one Facebook user who began receiving targeted ads for medication related to heart and knee conditions that she had entered in her private patient portal at the University of California, San Francisco Medical Center.

Meta’s policy says advertisers should not share data with Meta that they know includes health, financial information, or other categories of sensitive information. However, the lawsuit accuses Meta of knowingly collecting this sensitive medical data from healthcare websites.

Meta declined to provide Insider with a comment for this story.

Meta has come under fire for its data-tracking policies in the past, and Insider has reported that the company is currently building a “basic ads” product that doesn’t rely on users’ personal information.

* Article from: Business Insider