phoneymouse@lemmy.world 7 months ago
This is just a guess, but I would assume the hospitals doing this are unaware. They probably just put Google Analytics and Meta’s SDK on their website, completely oblivious to the fact that that shit vacuums up everything on the page, including text box inputs.
space@lemmy.dbzer0.com 7 months ago
The bad part is that even if you block everything on the client side with ad/tracker blocking extensions, there’s nothing stopping them from collecting data on the server side.
disguy_ovahea@lemmy.world 7 months ago
That would be a violation of HIPAA.
space@lemmy.dbzer0.com 7 months ago
I was referring to the website. This article goes in a lot more detail about how it works.
I’m pretty sure they are consulting lawyers to see how much data they can sell to third parties without breaking the law.
disguy_ovahea@lemmy.world 7 months ago
For non-medical data, sure. That’s not an uncommon form of data collection. It’s a complete violation of HIPAA to use something like that on medical databases.
CrayonRosary@lemmy.world 7 months ago
Please explain. How can google, Facebook, and such get data out of a hospital web server directly? That would be hacking.
space@lemmy.dbzer0.com 7 months ago
Typically trackers are implemented client side because it’s more convenient. It’s closer to the user, it can collect more data, and there is only one programming language it needs to support, Javascript.
But the disadvantage is that it can be blocked by the users. Data collection and user tracking can also be done on the server side. There are many analytics packages that support it, including Google Analytics. This is much easier to hide from the users. Here is an article I found on the topic.
It’s not hacking because the website developers integrate it willingly.