Marianne Kolbasuk McGee reports:
Kaiser Permanente has agreed to pay up to $47.5 million to settle consolidated class action litigation stemming from its use of tracking codes in its websites, patient portals and mobile apps. Claimants alleged the trackers unlawfully shared patients’ information with third parties, including Google, Microsoft and X – formerly Twitter.
California-based Kaiser Permanente is one of the largest U.S. not-for-profit health plans and healthcare providers, serving about 12.6 million members in eight states and Washington, D.C.
The organization’s insurance arm, Kaiser Foundation Health Plan, reported the incident in April 2024 to federal regulators as an unauthorized access/disclosure HIPAA breach affecting 13.4 million people.
Read more at Bank Info Security.