From HHS OCR:
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) and the Federal Trade Commission (FTC) have published the joint letters that were sent in July 2023 to approximately 130 hospital systems and telehealth providers. The letters emphasize the risks and concerns about the use of online tracking technologies, such as the Meta/Facebook pixel and Google Analytics, that can track a user’s online activities. OCR also highlighted these concerns in a bulletin issued last year that reminded HIPAA regulated entities of their responsibilities to protect health data from unauthorized disclosure under the law.
The joint letters are available at www.hhs.gov/hipaa/for-professionals/privacy/guidance/index.html, and on FTC’s website at www.ftc.gov/legal-library/browse/frequently-requested-foia-records/hhs-ftc-letters/hhs-office-civil-rights-ftc-letters-re-use-online-tracking-technologies.