Healthcare Marketplaces Shared Sensitive Data With Advertisers

A new investigation from Bloomberg has revealed how state-run health insurance marketplaces have - often accidentally - been sharing sensitive data with tech giants.

The United States healthcare landscape is complicated. The healthcare system is largely privatized. Many employers offer health insurance to full-time employees, while those not covered can either purchase private insurance or sometimes qualify for government-subsidized plans.

Those who aren't provided insurance by their employer often use state-sponsored portals - such as healthcare.gov - to see available plans. In about 20 US states, the state offers a similar service (which healthcare.gov can direct users from those states to).

Bloomberg has since discovered that nearly all state-run health insurance marketplaces contain analytics trackers that send sensitive data back to Big Tech companies and advertisers.

For example, they found that a Washington applicant's sex, citizenship status, and sometimes race were sent to TikTok. In New York, the pages visited were sent to Meta, Snap, and LinkedIn.

The culprit are "pixels" provided by companies like Meta, TikTok, and others. The pixels provide analytics insight to site administrators but also collect data for the parent company to collect for advertising. Many of these companies claim not to collect sensitive, protected data - such as race and religion - but Bloomberg found many of these filters were ineffective at filtering out such data in all cases.

This is not a new problem. Since 2022, The Markup has extensively covered situations exactly like this - multiple organizations (including healthcare marketplaces) using tracking pixels for analtyics purposes but companies also getting copies of extremely sensitive data.