Cerebral, a telehealth startup that gained popularity early in the pandemic, announced this week that it shared the personal data of more than 3.1 million U.S. patients with social media companies and advertisers, including Google, Meta and TikTok. clarified.As first reported by TechCrunch (via The Barge), recently uploaded news Cerebral’s website reveals that the company used “pixels” to track scripts such as: meta Since our launch in October 2019, we have been providing it to third-party developers for advertising purposes to collect user data.
Following a recent review of its software, Cerebral “determined that it disclosed certain information that could be regulated as protected health information. [the Health Insurance Portability and Accountability Act]” Data shared by the brain includes names, phone numbers, dates of birth, and insurance information. In some cases, the company may have also made public information collected through mental health self-assessment patients completed to schedule counseling appointments or access other services. Security numbers, banking information and credit card numbers have not been disclosed.
After learning of the oversight, Cerebral says it “disabled, reconfigured and/or removed” the tracking pixels that caused the data breach. “In addition, we have strengthened our information security practices and technical review process to further reduce the risk of sharing such information in the future.” Cerebral investigationThe news of the data breach comes after the Federal Trade Commission fined discount drug app GoodRx $1.5 million for sharing patient information with Meta and Google. Earlier this month, the agency announced her $7.8 million settlement with online counseling firm BetterHelp, saying it would ban the company from sharing health data for ad targeting.