An article from 
Dive Brief
A federal court in Texas ruled regulators exceeded their authority in limiting providers’ use of online tracking technologies.
Published June 24, 2024
This audio is auto-generated. Please let us know if you have feedback.
Dive Brief:
- The American Hospital Association and other provider groups largely won a lawsuit against federal regulators over government guidance limiting the use of third-party tracking technologies on providers’ websites.
- The hospitals filed suit in November, arguing the HHS’ guidance on trackers overstepped its authority and restrained providers’ ability to share health information with users.
- A judge in a Texas federal court on Thursday agreed and struck down that guidance, arguing the government had exceeded its authority under the HIPAA health privacy law.
Dive Insight:
Online trackers, or technologies that gather information about user behavior, are extremely common on hospital websites.
Regulators have raised concerns about the use of trackers among entities covered by HIPAA, especially how the technologies can share users’ health information with third parties, like marketing vendors or social media companies.
An investigation conducted by Stat and the Markup in 2022 found some hospitals’ webpages were sending personal patient information, including details about health conditions, prescriptions and medical appointments, with Facebook through the Meta Pixel installed on the sites.
The HHS Office for Civil Rights, which administers HIPAA, first released guidance limiting the trackers in December 2022, before updating it in March.
The bulletin said regulated entities aren’t allowed to use the trackers in ways that could disclose protected health information to third parties — for example, collecting a patient’s email address and making an appointment or collecting symptoms could be a HIPAA violation.
However, hospitals argued the online trackers improved their websites and enhanced patient care. They use third-party technologies for analytics to determine what information users are searching for, to translate information to non-English speakers and to help users find healthcare services, according to the suit filed by the AHA, the Texas Hospital Association and two Texas health systems.
Dozens of hospital associations and providers also filed amicus briefs in the Texas suit, arguing the ruling would threaten their ability to offer needed care and medical information.
The District Court for the Northern District of Texas ruled to vacate the guidance, but stopped short of a permanent injunction that was requested by the hospital groups, noting regulators have seen a “surge of complaints” about trackers disclosing health information.
The HHS OCR didn’t respond to a request for comment by press time.
Rebecca Pifer