Patients of Cedars-Sinai did not want third parties to target them with advertising that may be related to their medical conditions, a would-be class action lawsuit against the Los Angeles teaching hospital says.
The lawsuit [PDF] was originally filed in the California Superior Court before being transferred to a federal court late last week.
The complaint filed by anonymous patient John Doe claims that his and other patients’ private data, including medical information, was communicated to Facebook/Meta via the use of the so-called Meta Pixel on Cedars’ website. The suit describes Pixel as “a piece of code written by Meta to enable itself and its business customers to track and share data about customer transactions.”
The suit goes on to claim that:
The suit claims this was contrary to Cedars-Sinai’s own privacy policy, which said “personal information” would only be used “for the purpose it is submitted to us.”
The suit also claimed that “by installing the tracking code” Cedars-Sinai let marketing entities use patients’ private information to target them with advertising by “other, unrelated businesses.”
It added: “By way of illustration, if a patient made an appointment with a doctor for treatment of cancer, the tracking code Cedars-Sinai put on its Website conveyed that information to Meta, which in turn allowed Meta to include that patient in marketing target groups that it offered to its other advertising clients who wanted to market to cancer patients.”
The suit also takes issue with Cedars’ use of Google Analytics and Microsoft’s bat.bing, specifically in the context of a website where they enter private and personal information. It points out, for example, that Google’s rules for advertisers state that users’ “physical or mental health conditions” and “products used to treat them… should not be used in advertising.”
Cedars Sinai declined to comment on pending legal matters.
The suit comes just months after another anonymous Doe sued Meta itself in the Northern District of California, alleging Facebook had received patient data from at least 664 hospital systems or medical providers via the same method – then known as Facebook Pixel.
The Cedars-Sinai Doe is looking for damages, fees, class certification for his lawsuit and an injunction stopping the medical group from sharing further private info without users’ permission. ®