
Kaiser settles data breach lawsuit for $46 million


The class action case followed concerns of a data breach stemming from Kaiser’s use of web tracking devices. 

 

What happened

Kaiser Permanente recently agreed to settle a class action lawsuit regarding web tracking technology. In the suit, the complainants alleged that Kaiser’s use of tracking technology on its website, mobile apps, and patient portals led to the improper disclosure of personal information to third-party companies. 

Currently, Kaiser has agreed to pay $46 million in a preliminary settlement, but the final terms are still being negotiated, and the settlement fund may be increased to $47.5 million. The increase is contingent on a confidential supplemental agreement. 

 

The backstory

Kaiser’s settlement follows a breach that impacted 13.4 million individuals in April 2024. The incident was one of the largest in 2024, second only to the record-breaking Change Healthcare data breach. The disclosed information included member names, IP addresses, and information related to how members interact with Kaiser’s sites.

 

The big picture

The lawsuit is not the only one to stem from third-party tracking technology. There have been numerous lawsuits related to this web technology over the past several years. According to a 2024 Paubox report, at the time, over 300 lawsuits had been filed against healthcare organizations with similar complaints. The widespread use of pixels was publicized in June 2022, when it was discovered that many hospitals were using the Meta Pixel embedded in their websites. Despite privacy concerns, pixels are often naturally embedded in websites, sometimes without the ability to turn them off. These pixels then collect user data, which could potentially be shared with outside companies for advertising purposes.

As time passes, more lawsuits will likely emerge, and hospitals will likely continue to move away from using website-tracking technology. Any organization that uses this technology, which includes the popular tools Google Tag Manager and Facebook Pixel, should consider potential privacy concerns.

 

FAQs

Why are these lawsuits spanning multiple years? 

Different lawsuits will have different timelines, depending on when suits are filed, consolidated, and brought to court or mediation. Furthermore, when it comes to bigger organizations like Kaiser, cases can become much more complex, as there may be more evidence and victims involved.

 

Is it ever okay for healthcare organizations to use pixels or other website tracking technology?

It is generally not recommended for healthcare practices or companies that handle protected health information (PHI) to use website tracking technology. Currently, HIPAA prohibits covered entities from sharing PHI with third parties without explicit consent.