Published 2026-05-05
Summary: Investigations found that some U.S. state health exchange websites sent visitors’ personal data to advertising and big-tech trackers. The data included sensitive health details such as prescription drug names and dosages, raising concerns about privacy protections and the effectiveness of existing laws.
What We Know
- The Markup and CalMatters audited 19 state health exchange websites and found that four states exposed visitors’ sensitive health information through advertising trackers.
- Data observed being sent by web trackers on ACA state exchange websites included prescription drug names and dosages.
- State exchange websites collect health-history questions from users to tailor information about plans, which can increase the amount of health data transmitted to trackers.
- Experts suggest that current privacy laws may be insufficient to prevent sharing of personal health data with third-party platforms.
What’s Still Unclear
- Which four states specifically exposed health data via trackers (not confirmed in the available information).
- Whether data exposure extended beyond prescription drug details to other sensitive health information.
- Details on the exact regulatory framework applying to these shared data practices and any penalties or remedies considered.
- How state agencies plan to address or remediate these privacy gaps, if at all.
Context
Health data privacy is a growing concern as government-operated health portals rely on digital tools to help consumers compare plans and enroll. Advertisers and analytics providers use trackers on many sites, and there is ongoing public debate about whether current laws sufficiently protect individuals’ sensitive information collected online.
Why It Matters
Transmission of personal health information to third parties can expose individuals to privacy invasions, targeted advertising, or potential misuse of sensitive data. The situation highlights the balance between facilitating accessible health options and protecting consumer privacy under existing laws.
What to Watch Next
- Any official responses or policy changes from state health agencies regarding data-sharing practices on health exchange sites.
- Independent audits or updated findings on trackers used by health-related government portals.
- Developments in privacy regulation that address health data shared with third parties.
- Potential consumer-facing protections or opt-out mechanisms for health-data sharing.
FAQ
Q: What data were shared with big-tech trackers on state health exchange sites?
A: Reports indicate sensitive health information, including prescription drug names and dosages, were involved, but specific details vary by site and are not fully confirmed in the available information.
Q: Do these findings mean health data is not protected by HIPAA or other laws?
A: Experts say existing privacy laws may not be enough to fully prevent such data sharing; the exact regulatory implications depend on how data is collected and used on these sites.
Related coverage
- US Iran exchange fire news intensifies Gulf tensions, Trump
- Sweden Drops “Islamophobia” in Official Terms, Replacing It
- Leipzig car attack victims: Two dead, suspect detained by
Source Transparency
- This article is based on a short preliminary brief and may not reflect the full details available in ongoing reporting.
- Source links are provided in the Sources section where available.
- A limited open-web check was used to clarify key details when possible; unclear items remain clearly marked.
Original brief: Some US state healthcare sites sent personal information — location, race, immigration data — to TikTok, Meta and other big tech companies. Experts say existing privacy laws aren’t enough…
Sources
- Digital Diagnosis: Health Data Privacy in the U.S. – Law and …
- We caught 4 more states sharing personal health data with Big Tech
- We caught 4 more states sharing health data to Big Tech trackers
- Digital Data-Sharing Plan Tests Limits of Health Privacy Rules
- Health Information and Data Sharing – Network for Public Health Law