Telehealth startup Cerebral had a HIPAA
Startups are notoriously bad at keeping our data safe. Cerebral — a telehealth startup that launched into popularity during the early days of the coronavirus pandemic — has shared more than 3.1 million U.S. users' private health information with advertisers and social media platforms including Google, Meta, and TikTok.
In a disclosure first reported by TechCrunch, Cerebral said it used tracking technologies made available by third parties like Google, Meta, and TikTok. It's not uncommon for websites to use these kinds of tracking technologies for advertising and it's not uncommon for those practices to end in data breaches and, yes, even HIPAA violations.
That's just what Cerebral did: After reviewing its use of these technologies and data-sharing practices, the company "determined that it had disclosed certain information that may be regulated as protected health information under HIPAA" to some of those third parties. Cerebral may have accidentally given Google, Meta, and TikTok the personal information of its users such as names, phone numbers, email addresses, birthdays, IP addresses, results of their mental health self-assessments, treatments, and other clinical information.
"Upon learning of this issue, Cerebral promptly disabled, reconfigured, and/or removed the Tracking Technologies on Cerebral’s Platforms to prevent any such disclosures in the future and discontinued or disabled data sharing with any Subcontractors not able to meet all HIPAA requirements," Cerebral said in the disclosure. "In addition, we have enhanced our information security practices and technology vetting processes to further mitigate the risk of sharing such information in the future."
The company's notice to customers is not easy to find. You have to scroll all the way to the bottom of the websitewhere you'll find, in small font: "See herefor more information on the March 2023 HIPAA breach." The social media companies that now have access to this data do not have to delete it, even if the data from Cerebral's breach is supposed to be covered under the U.S. health privacy law HIPAA.
Related Stories
- Millions of email names, passwords hacked in giant data breach, report says
- 235 million Twitter accounts were leaked in a huge data breach
- Uber's had a data breach, and we don't know how bad it is yet
- DoorDash data breach leaves important customer details exposed
- T-Mobile agrees to give money to customers affected by 2021 data breach
Cerebral is just one of the nearly 50 telehealth startups that shared user data with advertising platforms last year, according to a joint investigation by STAT and The Markup.
TopicsHealthPrivacy
(责任编辑:关于我们)
- Google is bringing AI summaries to ‘Files’ so you can find your docs quicker
- You can bring your Galaxy Note7 on an airplane, just don't turn it on or plug it in
- Google claims it awards gender
- Please enjoy this footage of Kylie and Kendall Jenner stuck in an elevator
- 微视频广东:在推进中国式现代化建设中走在前列
- 2016's $400 GPU vs. 2019's $400 GPUs
- Female news anchor slammed for the terrible crime of wearing skinny jeans
- Trump promotes fake Muslim massacre after Barcelona attack
- N. Korean leader attends farm machinery exhibition
- NASA's new plan keeps Starliner astronauts in space until 2025
- Nagelsmann under pressure to land Bayern's 10th league title
- What do you think of Cam Newton's new touchdown dance?
- North Korea introduces first female supersonic jet pilots
-
NYT mini crossword answers for August 29
The Mini is a bite-sized version of The New York Times' revered daily crossword. While the crossword ...[详细] -
Demand for Chinese yuan grows in N. Korean private markets: report
North Korea's unofficial private market, known as "jangmadang" is seen in this photo, Sept. 22, 2020 ...[详细] -
J.K. Rowling tweets heartbreaking video of Heather Heyer's mother
In the light of the tragic events in Charlottesville, the parents of Heather Heyer have offered a ra ...[详细] -
US slaps sanctions on 3 Russian entities, 1 person over arms transfers with N. Korea
White House national security spokesperson John Kirby speaks about alleged North Korean ballistic mi ...[详细] -
Keurig K Mini deal — get $30 off at Target
GET $30 OFF:As of Aug 28, you can snag a Keurig K Mini single-serve coffee maker for just $59.99, do ...[详细] -
April Fools' Day is upon us again -- and for two of the last three years, Google has rolled out a fu ...[详细]
-
Ruling party gears up for unilateral approval of new PM
The ruling Saenuri Party will push to unilaterally win parliamentary approval for President Park Geu ...[详细] -
Google claims it awards gender
Google said it was "quite surprised" when the Department of Labor claimed last week that the tech gi ...[详细] -
29 Dive Bars, Saloons, and Taverns Where the Vibe Is Unbeatable
From hand-sculpted ice spheres to baroque cocktails made with everything from olive oil–washed gin t ...[详细] -
A drunken American saluted Hitler in Germany and it did not go well for him
If you see a drunken dumbass saluting the ghost of Hitler in the streets, kindly smack them in the f ...[详细]
- PCB official under probe for conflict of interest
- New Snapchat geofilter to lure teen voters in Scotland
- Most newlyweds in Seoul live on lease
- I drove 250 miles on one charge in the Chevy Bolt. This is the future of GM.
- Swifties for Kamala raises over $100,000 in donations for Harris campaign
- NASA just launched a probe on a mission to sample an asteroid
- Dick Gregory, Comedian and Civil Right figure, dead at 84