From bankinfosecurity.com
A second healthcare entity is treating its past use of Facebook’s Pixel website tracking code in patient portals as a data breach requiring regulatory notification.
North Carolina-based WakeMed Health and Hospitals reported to the Department of Health and Human Services on Oct. 14 an unauthorized access/disclosure breach affecting nearly 500,000 individuals.
The entity’s breach notification statement says “select data” – including email addresses, phone numbers, novel coronavirus vaccine status and appointment information – may have been transmitted to Facebook parent Meta through the social media’s deployable tracking code.
Affected information did not include Social Security numbers or other financial information unless it was entered into a free text box by the user, the notification says.
WakeMed says it began using Pixel in 2018 and discontinued its use this past May.