【】

Startups are notoriously bad at keeping our data safe. Cerebral — a telehealth startup that launched into popularity during the early days of the coronavirus pandemic — has shared more than 3.1 million U.S. users' private health information with advertisers and social media platforms including Google, Meta, and TikTok.
In a disclosure first reported by TechCrunch, Cerebral said it used tracking technologies made available by third parties like Google, Meta, and TikTok. It's not uncommon for websites to use these kinds of tracking technologies for advertising and it's not uncommon for those practices to end in data breaches and, yes, even HIPAA violations.
That's just what Cerebral did: After reviewing its use of these technologies and data-sharing practices, the company "determined that it had disclosed certain information that may be regulated as protected health information under HIPAA" to some of those third parties. Cerebral may have accidentally given Google, Meta, and TikTok the personal information of its users such as names, phone numbers, email addresses, birthdays, IP addresses, results of their mental health self-assessments, treatments, and other clinical information.
"Upon learning of this issue, Cerebral promptly disabled, reconfigured, and/or removed the Tracking Technologies on Cerebral’s Platforms to prevent any such disclosures in the future and discontinued or disabled data sharing with any Subcontractors not able to meet all HIPAA requirements," Cerebral said in the disclosure. "In addition, we have enhanced our information security practices and technology vetting processes to further mitigate the risk of sharing such information in the future."

The company's notice to customers is not easy to find. You have to scroll all the way to the bottom of the websitewhere you'll find, in small font: "See herefor more information on the March 2023 HIPAA breach." The social media companies that now have access to this data do not have to delete it, even if the data from Cerebral's breach is supposed to be covered under the U.S. health privacy law HIPAA.
Related Stories
- Millions of email names, passwords hacked in giant data breach, report says
- 235 million Twitter accounts were leaked in a huge data breach
- Uber's had a data breach, and we don't know how bad it is yet
- DoorDash data breach leaves important customer details exposed
- T-Mobile agrees to give money to customers affected by 2021 data breach
Cerebral is just one of the nearly 50 telehealth startups that shared user data with advertising platforms last year, according to a joint investigation by STAT and The Markup.
TopicsHealthPrivacy
相关文章
U.S. pole vaulter skids to a halt for national anthem
An American pole vaulter took his patriotism to the next level at the Olympics. 。Sam Kendricks, a sec2025-04-04- 價值5000元 ?二手交易平台現2020賽季中超冠軍獎牌_金牌_蘇寧隊_北京國安隊www.ty42.com 日期:2022-03-24 07:31:00| 評論(已有337321條評論)2025-04-04
- 迪巴拉向其團隊詢問加盟巴黎可能 米蘭雙雄有意他_尤文_續約_萊昂納多www.ty42.com 日期:2022-03-23 08:31:00| 評論(已有337147條評論)2025-04-04
- 尤文欲效仿C羅模式挖薩拉赫 囧叔願改踢利物浦打法_夏天_續約_歐冠www.ty42.com 日期:2022-03-23 14:31:00| 評論(已有337219條評論)2025-04-04
Xiaomi accused of copying again, this time by Jawbone
Imitation is not always the best form of flattery. 。 SEE ALSO:Xiaomi's MacBook Air clone is called, w2025-04-04- 尤文決定買斷莫拉塔但買斷費折半 隻願出1500萬歐_歐元_的合同_消息www.ty42.com 日期:2022-03-23 08:01:00| 評論(已有337130條評論)2025-04-04
最新评论