.png)
Healthcare institutions and insurers arguably cod the astir delicate accusation astir you, including IDs, interaction details, addresses and aesculapian records. But they often don’t enactment successful the aforesaid level of effort to support that data.
That’s wide from the increasing fig of healthcare information breaches we’ve seen recently. In astir of those cases, a atrocious histrion was involved.
But successful the latest news, wellness security elephantine Blue Shield of California confirmed that it had been sharing backstage wellness information of 4.7 cardinal users with Google for 3 years without adjacent realizing it.
A idiosyncratic doing a Google search (Kurt "CyberGuy" Knutsson))
What you request to know
Blue Shield of California conscionable admitted to a large information privateness gaffe that went connected for astir 3 years, from April 2021 to January 2024. It was utilizing Google Analytics to way however radical utilized its subordinate websites. This is wholly mean since each concern does it. But the instrumentality was accidentally sharing delicate info with Google Ads due to the fact that it wasn’t acceptable up properly.
What I find highly shocking is that it took the institution 3 years to recognize it was sharing its idiosyncratic information with Google to tally ads. This says a batch astir however overmuch these healthcare giants attraction astir protecting your data.
The shared information included a wide array of protected wellness accusation (PHI), including names, zip codes, gender, aesculapian assertion dates, online relationship numbers, security program names, radical numbers, household information and adjacent hunt criteria utilized successful its "Find a Doctor" feature.
"Google whitethorn person utilized this information to behaviour focused advertisement campaigns backmost to those idiosyncratic members. We privation to reassure our members that nary atrocious histrion was involved, and, to our knowledge, Google has not utilized the accusation for immoderate intent different than these ads oregon shared the protected accusation with anyone," the company said successful a announcement connected its website.
This incidental is not isolated. Over the past fewer years, healthcare and tech companies person travel nether scrutiny for akin missteps. The Federal Trade Commission (FTC) and the Department of Health and Human Services (HHS) person already issued warnings astir the usage of tracking technologies successful healthcare, particularly those that mightiness exposure diligent information to 3rd parties without capable transparency oregon safeguards.
A Google spokesperson provided the pursuing remark to CyberGuy erstwhile asked astir the Blue Shield information breach:
"Businesses, not Google, negociate the information they cod and indispensable pass users astir its postulation and use. By default, immoderate information sent to Google Analytics for measurement does not place individuals, and we person strict policies against collecting backstage wellness accusation (PHI) oregon advertizing based connected delicate information."
A idiosyncratic moving connected their laptop (Kurt "CyberGuy" Knutsson)
MALWARE EXPOSES 3.9 BILLION PASSWORDS IN HUGE CYBERSECURITY THREAT
Impact connected patients and the industry
Since the information was lone shared with Google and not immoderate different party, the wide hazard is comparatively low, isolated from the wide privateness violation. It’s highly improbable that anyone other volition summation entree to it, truthful the chances of the information being misused are slim. Google says it doesn’t let ads to beryllium served based connected delicate accusation similar health, truthful there’s a bully accidental your information wasn’t adjacent utilized for advertising.
Blue Shield's lawsuit follows a drawstring of akin breaches. Companies similar GoodRx, BetterHelp and Kaiser person each faced regulatory and ineligible consequences for sharing delicate idiosyncratic information with advertizing vendors. Some adjacent settled for millions of dollars. Despite the risks, galore healthcare organizations person continued utilizing these tools owed to the deficiency of wide regulatory guardrails, a concern analyzable further by a national tribunal ruling that blocked the Biden administration’s attempts to curb the usage of online trackers successful healthcare settings.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
A idiosyncratic moving connected a laptop (Kurt "CyberGuy" Knutsson)
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET
How to support your wellness information online
The Blue Shield of California incidental is simply a reminder that adjacent well-known healthcare providers tin mishandle delicate data. While you can’t ever power what happens down the scenes, there are steps you tin instrumentality to trim your vulnerability and safeguard your privacy:
1. Limit what you stock connected wellness portals: Avoid entering much idiosyncratic details than perfectly indispensable connected security oregon supplier websites. Tools similar "Find a Doctor" mightiness log your hunt terms, truthful support inputs vague erstwhile possible.
2. Use privacy-focused browsers: Browsers similar Brave oregon Firefox connection built-in privateness protections, specified arsenic blocking third-party trackers that could exposure health-related browsing activity.
3. Turn disconnected advertisement personalization: Visit Google’s Ad Settings and disable advertisement personalization. This won’t halt tracking, but it tin trim however your information is utilized for targeting.
4. Opt retired of tracking wherever possible: Many healthcare sites usage cookies and tracking tools. Choose "reject all" oregon the strictest privateness settings successful cooky banners. If a tracking opt-out instrumentality is available, usage it.
5. Read privateness policies (yes, really): Look for connection similar "third-party sharing," "advertising," oregon "analytics." If a healthcare supplier mentions tools similar Google Analytics oregon Meta Pixel, that’s a cue to proceed cautiously.
6. Monitor your accounts and credit: Keep an oculus retired for antithetic security claims oregon aesculapian charges. Set up recognition alerts oregon monitoring services if your supplier offers them, particularly aft a breach.
7. Ask questions: Call oregon email your healthcare supplier oregon insurer. Ask what tracking tools they usage and however they support your data. The much consumers propulsion for transparency, the much unit determination is to amended standards.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
Bonus privateness steps (For other bid of mind)
If you privation to spell beyond the basics, present are immoderate further steps that tin assistance trim your integer footprint and drawback misuse early:
Use a idiosyncratic information removal service: While nary work tin warrant the implicit removal of your information from the internet, a information removal work is truly a astute choice. They aren’t inexpensive — and neither is your privacy. These services bash each the enactment for you by actively monitoring and systematically erasing your idiosyncratic accusation from hundreds of websites. It’s what gives maine bid of caput and has proven to beryllium the astir effectual mode to erase your idiosyncratic information from the internet. By limiting the accusation available, you trim the hazard of scammers cross-referencing information from breaches with accusation they mightiness find connected the acheronian web, making it harder for them to people you. Check retired my apical picks for information removal services here.
Consider individuality theft extortion services: If you’re acrophobic astir fraud oregon aesculapian individuality theft, you'll privation to see utilizing individuality theft extortion services. Identity theft companies tin show idiosyncratic accusation similar your Social Security number, telephone fig and email code and alert you if it is being sold connected the acheronian web oregon being utilized to unfastened an account. They tin besides assistance you successful freezing your slope and recognition paper accounts to forestall further unauthorized usage by criminals.
Use beardown antivirus software: To defender against malware oregon phishing attacks that could compromise entree to your online wellness accounts, beryllium definite to usage beardown antivirus software. The champion mode to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information, is to person antivirus bundle installed connected each your devices. This extortion tin besides alert you to phishing emails and ransomware scams, keeping your idiosyncratic accusation and integer assets safe. Get my picks for the champion 2025 antivirus extortion winners for your Windows, Mac, Android and iOS devices.
Kurt’s cardinal takeaway
It baffles maine however careless astir companies are erstwhile it comes to protecting idiosyncratic data. Blue Shield "mistakenly" shared your information with Google, which past utilized it to amusement personalized ads. It took the institution 3 years to recognize this. While astir cyber incidents impact an attacker, this breach didn’t request one. We request accountability successful information practices, particularly erstwhile quality mistake oregon tech oversight tin origin harm astatine scale.
CLICK HERE TO GET THE FOX NEWS APP
How comfy are you knowing that your wellness information mightiness beryllium utilized to people ads? Let america cognize by penning america at Cyberguy.com/Contact
For much of my tech tips and information alerts, subscribe to my escaped CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question oregon fto america cognize what stories you'd similar america to cover
Follow Kurt connected his societal channels
Answers to the astir asked CyberGuy questions:
- What is the champion mode to support your Mac, Windows, iPhone and Android devices from getting hacked?
- What is the champion mode to enactment private, unafraid and anonymous portion browsing the web?
- How tin I get escaped of robocalls with apps and information removal services?
- How bash I region my backstage information from the internet?
New from Kurt:
- Try CyberGuy's caller games (crosswords, connection searches, trivia and more!)
- CyberGuy’s Exclusive Coupons and Deals
- Best gifts for Mom 2025
Copyright 2025 CyberGuy.com. All rights reserved.
Kurt "CyberGuy" Knutsson is an award-winning tech writer who has a heavy emotion of technology, cogwheel and gadgets that marque beingness amended with his contributions for Fox News & FOX Business opening mornings connected "FOX & Friends." Got a tech question? Get Kurt’s escaped CyberGuy Newsletter, stock your voice, a communicative thought oregon remark astatine CyberGuy.com.
English (US) ·